urlscan.io logo urlscan.io
SecurityTrails logo

www.thestar.com Open in urlscan Pro
13.225.78.46  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Submission: On October 29 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 10 countries across 80 domains to perform 489 HTTP transactions. The main IP is 13.225.78.46, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 88579.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 27th 2022. Valid for: a year.
This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 13.225.78.46 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:21f... 16509 (AMAZON-02)
18 13.225.78.22 16509 (AMAZON-02)
1 10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:20e... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
5 23.35.237.151 16625 (AKAMAI-AS)
18 13.225.78.21 16509 (AMAZON-02)
2 52.205.55.37 14618 (AMAZON-AES)
1 193.123.32.111 31898 (ORACLE-BM...)
12 13.224.189.51 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
6 34.96.102.137 396982 (GOOGLE-CL...)
1 13.224.194.76 16509 (AMAZON-02)
7 51.104.28.77 8075 (MICROSOFT...)
3 13.225.78.42 16509 (AMAZON-02)
1 13.225.84.171 16509 (AMAZON-02)
1 13.225.84.201 16509 (AMAZON-02)
1 151.139.128.11 20446 (STACKPATH...)
6 13.224.195.78 16509 (AMAZON-02)
3 2600:1f18:44f... 14618 (AMAZON-AES)
1 35.241.9.51 15169 (GOOGLE)
4 6 185.89.210.180 29990 (ASN-APPNEX)
5 34.107.254.252 396982 (GOOGLE-CL...)
1 35.177.207.2 16509 (AMAZON-02)
1 13.225.85.39 16509 (AMAZON-02)
6 35.190.14.224 15169 (GOOGLE)
2 34.251.246.199 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a03:b0c0:3:f... 14061 (DIGITALOC...)
1 52.206.146.55 14618 (AMAZON-AES)
14 2a00:1450:400... 15169 (GOOGLE)
1 3.219.226.109 14618 (AMAZON-AES)
3 54.209.240.154 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 54.229.34.254 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 1 54.74.40.111 16509 (AMAZON-02)
27 54.76.141.166 16509 (AMAZON-02)
3 13.225.87.188 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:b0c0:3:d... 14061 (DIGITALOC...)
7 2a00:1450:400... 15169 (GOOGLE)
3 52.17.99.225 16509 (AMAZON-02)
1 44.208.177.146 14618 (AMAZON-AES)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 13.224.189.106 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.120.23.223 396982 (GOOGLE-CL...)
1 205.185.216.10 20446 (STACKPATH...)
1 104.18.12.76 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
12 13.224.189.42 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
9 52.206.60.169 14618 (AMAZON-AES)
5 52.223.40.198 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 34.202.126.101 14618 (AMAZON-AES)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
27 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 44.206.165.148 14618 (AMAZON-AES)
1 13.225.78.37 16509 (AMAZON-02)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 23.206.210.112 16625 (AKAMAI-AS)
8 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
3 5 104.18.18.126 13335 (CLOUDFLAR...)
14 2a02:2638::c 44788 (ASN-CRITE...)
1 2a02:2638::21 44788 (ASN-CRITE...)
11 2a00:1450:400... 15169 (GOOGLE)
1 3.125.142.177 16509 (AMAZON-02)
1 185.94.180.123 35220 (SPOTX-AMS)
1 3.68.252.139 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.198 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
1 74.125.140.156 15169 (GOOGLE)
3 52.209.85.71 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
3 2600:9000:21f... 16509 (AMAZON-02)
1 4 52.209.163.202 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 185.86.137.122 201081 (SMARTADSE...)
2 2600:1f18:143... 14618 (AMAZON-AES)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 146.75.116.157 54113 (FASTLY)
3 3 54.216.196.145 16509 (AMAZON-02)
1 2 142.250.186.166 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
2 52.58.67.250 16509 (AMAZON-02)
2 2600:1f13:800... 16509 (AMAZON-02)
4 2.16.186.242 20940 (AKAMAI-ASN1)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 3 18.156.0.31 16509 (AMAZON-02)
2 72.251.249.9 32475 (SINGLEHOP...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a04:4e42:200... 54113 (FASTLY)
3 3 35.227.252.103 15169 (GOOGLE)
1 151.101.193.140 54113 (FASTLY)
1 2 37.157.4.24 198622 (ADFORM)
3 104.75.88.209 16625 (AKAMAI-AS)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 5 142.250.186.98 15169 (GOOGLE)
3 3 52.16.190.94 16509 (AMAZON-02)
2 3.124.212.5 16509 (AMAZON-02)
3 3 13.248.245.213 16509 (AMAZON-02)
2 69.173.144.139 26667 (RUBICONPR...)
3 23.35.236.201 16625 (AKAMAI-AS)
1 198.47.127.19 62713 (AS-PUBMATIC)
3 4 37.157.4.41 198622 (ADFORM)
2 2 213.155.156.168 1299 (TWELVE99 ...)
4 185.64.189.110 62713 (AS-PUBMATIC)
2 2 185.29.134.244 30419 (MEDIAMATH...)
2 185.64.190.80 62713 (AS-PUBMATIC)
1 2a02:2638:1::18 44788 (ASN-CRITE...)
1 2 52.94.223.37 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 146.59.148.16 16276 (OVH)
1 35.204.74.118 396982 (GOOGLE-CL...)
3 3 54.247.105.151 16509 (AMAZON-02)
3 3 18.193.243.10 16509 (AMAZON-02)
2 23.205.235.133 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
489 130
35    13.225.78.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-46.fra2.r.cloudfront.net
www.thestar.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:21f3:1a00:16:970:b940:93a1 (United States)

ASN16509 (AMAZON-02, US)
prebid.the-ozone-project.com
18    13.225.78.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-22.fra2.r.cloudfront.net
e377.thestar.com
10    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
1    2a00:1450:4001:830::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
7    2600:9000:20eb:8800:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
1    2606:4700:4400::ac40:92f1 (United States)

ASN13335 (CLOUDFLARENET, US)
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
9    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
sejs.moatads.com
z.moatads.com
px.moatads.com
18    13.225.78.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-21.fra2.r.cloudfront.net
images.thestar.com
2    52.205.55.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-55-37.compute-1.amazonaws.com
torstar.blueconic.net
1    193.123.32.111 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)
torstar.gscontxt.net
12    13.224.189.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-51.fra2.r.cloudfront.net
resources.thestar.com
1    2606:4700:20::ac43:490d (United States)

ASN13335 (CLOUDFLARENET, US)
static.app.delivery
8    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    13.224.194.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-76.fra2.r.cloudfront.net
d5phz18u4wuww.cloudfront.net
7    51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adserver.pressboard.ca
sr.studiostack.com
3    13.225.78.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-42.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    13.225.84.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-171.fra2.r.cloudfront.net
d1nxn87txdj54y.cloudfront.net
1    13.225.84.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-201.fra2.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
cdn.petametrics.com
6    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
3    2600:1f18:44f0:4864:1a08:46f1:fe35:b27f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
6    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    35.177.207.2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-207-2.eu-west-2.compute.amazonaws.com
mb.moatads.com
1    13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net
cdn.parsely.com
6    35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com
query.petametrics.com
2    34.251.246.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-246-199.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a03:b0c0:3:f0::1bc:5000 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
events.kumulos.com
1    52.206.146.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-146-55.compute-1.amazonaws.com
i.viafoura.co
14    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
1    3.219.226.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-226-109.compute-1.amazonaws.com
api.parsely.com
3    54.209.240.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-240-154.compute-1.amazonaws.com
embed.sendtonews.com
4    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    54.229.34.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-34-254.eu-west-1.compute.amazonaws.com
torontostarnewspaperslimited.demdex.net
2    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
s.thestar.com
1    54.74.40.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-40-111.eu-west-1.compute.amazonaws.com
cm.everesttech.net
27    54.76.141.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
elb.the-ozone-project.com
3    13.225.87.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-188.fra2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a03:b0c0:3:d0::be2:3001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
push.kumulos.com
7    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
3    52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    44.208.177.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-177-146.compute-1.amazonaws.com
images.parsely.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    13.224.189.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-106.fra2.r.cloudfront.net
api.thestar.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
1    34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com
engagefront.theweathernetwork.com
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
media-cdn-eu-central-1.app.delivery
1    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    13.224.189.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-42.fra2.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
1    2600:9000:21f3:5e00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
9    52.206.60.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-60-169.compute-1.amazonaws.com
s2l.sendtonews.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.202.126.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-126-101.compute-1.amazonaws.com
id.sv.rkdms.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
27    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    44.206.165.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-165-148.compute-1.amazonaws.com
timber.sendtonews.com
1    13.225.78.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net
player.sendtonews.com
1    104.18.12.242 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
8    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
5    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
14    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
1    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
11    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    3.125.142.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-142-177.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    3.68.252.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-252-139.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net
bid.g.doubleclick.net
3    52.209.85.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-85-71.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
1    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    2600:9000:21f3:e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    52.209.163.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-163-202.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:26::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5lznls.c.2mdn.net
2    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
2    2600:1f18:1430:9001:8e3d:635c:9121:4ea8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pixel.thestar.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    54.216.196.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-196-145.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
10230056.fls.doubleclick.net
2    2a02:26f0:6c00:2a2::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    52.58.67.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-67-250.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2600:1f13:800:7782:3796:5ca4:dcab:6108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
4    2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
5    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
ade.googlesyndication.com
cm.g.doubleclick.net
3    52.16.190.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-190-94.eu-west-1.compute.amazonaws.com
ad2.360yield.com
2    3.124.212.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-212-5.eu-central-1.compute.amazonaws.com
crb.kargo.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.168 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2a02:2638:1::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
3    54.247.105.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-105-151.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    18.193.243.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-243-10.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
89 thestar.com
www.thestar.com — Cisco Umbrella Rank: 88579
e377.thestar.com — Cisco Umbrella Rank: 276433
images.thestar.com — Cisco Umbrella Rank: 95856
resources.thestar.com — Cisco Umbrella Rank: 195752
s.thestar.com — Cisco Umbrella Rank: 288621
api.thestar.com — Cisco Umbrella Rank: 337952
pixel.thestar.com — Cisco Umbrella Rank: 390909
2 MB
43 googlesyndication.com
92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 135
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
ade.googlesyndication.com — Cisco Umbrella Rank: 269
276 KB
34 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
pubads.g.doubleclick.net — Cisco Umbrella Rank: 446
ad.doubleclick.net — Cisco Umbrella Rank: 176
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 295
bid.g.doubleclick.net — Cisco Umbrella Rank: 499
10230056.fls.doubleclick.net — Cisco Umbrella Rank: 406911
cm.g.doubleclick.net — Cisco Umbrella Rank: 213
253 KB
30 the-ozone-project.com
prebid.the-ozone-project.com — Cisco Umbrella Rank: 18704
elb.the-ozone-project.com — Cisco Umbrella Rank: 8194
123 KB
29 google.com
news.google.com — Cisco Umbrella Rank: 5709
accounts.google.com — Cisco Umbrella Rank: 77
region1.analytics.google.com — Cisco Umbrella Rank: 5362
play.google.com — Cisco Umbrella Rank: 22
adservice.google.com — Cisco Umbrella Rank: 71
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2185
228 KB
23 criteo.net
static.criteo.net — Cisco Umbrella Rank: 658
pix.eu.criteo.net — Cisco Umbrella Rank: 8729
csm.eu.criteo.net — Cisco Umbrella Rank: 8826
556 KB
16 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 12920
s2l.sendtonews.com — Cisco Umbrella Rank: 13512
timber.sendtonews.com — Cisco Umbrella Rank: 13790
player.sendtonews.com — Cisco Umbrella Rank: 14114
212 KB
16 cloudfront.net
d5phz18u4wuww.cloudfront.net
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d15kdpgjg3unno.cloudfront.net
630 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 431
ads.pubmatic.com — Cisco Umbrella Rank: 463
image6.pubmatic.com — Cisco Umbrella Rank: 668
image2.pubmatic.com — Cisco Umbrella Rank: 874
simage2.pubmatic.com — Cisco Umbrella Rank: 696
image4.pubmatic.com — Cisco Umbrella Rank: 835
simage4.pubmatic.com
33 KB
12 adsafeprotected.com
unified.adsafeprotected.com — Cisco Umbrella Rank: 1679
static.adsafeprotected.com — Cisco Umbrella Rank: 510
pixel.adsafeprotected.com — Cisco Umbrella Rank: 586
dt.adsafeprotected.com — Cisco Umbrella Rank: 506
146 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 300
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 498
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1241
98 KB
10 kumulos.com
events.kumulos.com — Cisco Umbrella Rank: 110325
push.kumulos.com — Cisco Umbrella Rank: 142904
5 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
272 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
502 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
gcdn.2mdn.net — Cisco Umbrella Rank: 910
r2---sn-4g5lznls.c.2mdn.net — Cisco Umbrella Rank: 594788
1 MB
7 google.de
www.google.de — Cisco Umbrella Rank: 6364
adservice.google.de — Cisco Umbrella Rank: 9167
2 KB
7 petametrics.com
cdn.petametrics.com — Cisco Umbrella Rank: 9842
query.petametrics.com — Cisco Umbrella Rank: 10722
50 KB
7 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 11446
296 KB
6 adform.net
cm.adform.net — Cisco Umbrella Rank: 1504
c1.adform.net — Cisco Umbrella Rank: 638
2 KB
6 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 946
pixel.rubiconproject.com — Cisco Umbrella Rank: 338
eus.rubiconproject.com — Cisco Umbrella Rank: 573
token.rubiconproject.com — Cisco Umbrella Rank: 657
12 KB
6 studiostack.com
sr.studiostack.com — Cisco Umbrella Rank: 44534
27 KB
6 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2771
api.parsely.com — Cisco Umbrella Rank: 9824
p1.parsely.com — Cisco Umbrella Rank: 2137
images.parsely.com — Cisco Umbrella Rank: 127500
38 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
5 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4787
112 KB
6 moatads.com
sejs.moatads.com — Cisco Umbrella Rank: 5040
z.moatads.com — Cisco Umbrella Rank: 410
mb.moatads.com — Cisco Umbrella Rank: 667
px.moatads.com — Cisco Umbrella Rank: 468
144 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
imasdk.googleapis.com — Cisco Umbrella Rank: 417
366 KB
5 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1394
htlb.casalemedia.com — Cisco Umbrella Rank: 470
ssum.casalemedia.com — Cisco Umbrella Rank: 1346
4 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
5 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2001
715 B
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 373
www.linkedin.com — Cisco Umbrella Rank: 584
px4.ads.linkedin.com — Cisco Umbrella Rank: 6621
4 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 831
69 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 548
eb2.3lift.com — Cisco Umbrella Rank: 357
2 KB
4 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 14119
ads.eu.criteo.com — Cisco Umbrella Rank: 8689
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10655
dis.criteo.com — Cisco Umbrella Rank: 702
59 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11753
i.viafoura.co — Cisco Umbrella Rank: 11618
4 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 291
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 483
1 KB
3 360yield.com
ad2.360yield.com — Cisco Umbrella Rank: 17032
914 B
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 801
2 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1413
567 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 286
1013 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 378
12 KB
3 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2892
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
234 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
121 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 763
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 202
torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 236426
5 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 150
3 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 458
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5093
562 B
2 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1672
720 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 685
4 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
554 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 525
69 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 741
22 KB
2 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1835
563 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 208
25 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 145
170 KB
2 app.delivery
static.app.delivery — Cisco Umbrella Rank: 282269
media-cdn-eu-central-1.app.delivery — Cisco Umbrella Rank: 570800
49 KB
2 blueconic.net
torstar.blueconic.net — Cisco Umbrella Rank: 302658
2 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 812
611 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3092
419 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1529
157 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1408
8 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 538
724 B
1 t.co
t.co — Cisco Umbrella Rank: 475
376 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 601
15 KB
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 501
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1214
17 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 8624
96 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4302
167 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 783
360 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 597
13 KB
1 theweathernetwork.com
engagefront.theweathernetwork.com — Cisco Umbrella Rank: 32028
309 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1075
517 B
1 prmutv.co
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 313610
393 B
1 pressboard.ca
adserver.pressboard.ca — Cisco Umbrella Rank: 65964
789 B
1 gscontxt.net
torstar.gscontxt.net — Cisco Umbrella Rank: 255980
296 B
1 permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 245978
131 KB
0 districtm.io Failed
dmx.districtm.io Failed
489 80
Domain Requested by
35 www.thestar.com www.thestar.com
27 tpc.googlesyndication.com 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
www.thestar.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
27 elb.the-ozone-project.com prebid.the-ozone-project.com
elb.the-ozone-project.com
18 images.thestar.com www.thestar.com
18 e377.thestar.com www.thestar.com
e377.thestar.com
14 pix.eu.criteo.net ads.eu.criteo.com
12 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
www.thestar.com
12 resources.thestar.com www.thestar.com
resources.thestar.com
11 pagead2.googlesyndication.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
ad.doubleclick.net
www.googletagservices.com
10 googleads.g.doubleclick.net 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
www.googletagmanager.com
10 news.google.com 1 redirects www.thestar.com
news.google.com
www.gstatic.com
9 s2l.sendtonews.com embed.sendtonews.com
9 securepubads.g.doubleclick.net www.thestar.com
securepubads.g.doubleclick.net
8 static.criteo.net ads.eu.criteo.com
8 www.googletagmanager.com www.thestar.com
www.googletagmanager.com
7 play.google.com www.gstatic.com
7 cdn.viafoura.net www.thestar.com
cdn.viafoura.net
6 events.kumulos.com static.app.delivery
6 sr.studiostack.com adserver.pressboard.ca
sr.studiostack.com
6 query.petametrics.com www.thestar.com
6 ib.adnxs.com 4 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
d29xw9s9x32j3w.cloudfront.net
6 c.amazon-adsystem.com www.thestar.com
c.amazon-adsystem.com
embed.sendtonews.com
6 dev.visualwebsiteoptimizer.com www.thestar.com
dev.visualwebsiteoptimizer.com
d5phz18u4wuww.cloudfront.net
5 www.google.com 1 redirects tpc.googlesyndication.com
5 match.adsrvr.org js-sec.indexww.com
ads.pubmatic.com
elb.the-ozone-project.com
5 www.google.de www.thestar.com
5 api.permutive.com be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 analytics.tiktok.com www.thestar.com
analytics.tiktok.com
4 pixel.adsafeprotected.com 1 redirects static.adsafeprotected.com
pixel.adsafeprotected.com
4 push.kumulos.com static.app.delivery
4 www.gstatic.com news.google.com
www.gstatic.com
3 x.bidswitch.net 3 redirects
3 match.prod.bidr.io 3 redirects
3 cm.g.doubleclick.net 3 redirects
3 ads.pubmatic.com elb.the-ozone-project.com
ads.pubmatic.com
3 eb2.3lift.com 3 redirects
3 ad2.360yield.com 3 redirects
3 ssum.casalemedia.com 3 redirects
3 ct.pinterest.com s.pinimg.com
3 rtb.openx.net 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 bat.bing.com www.thestar.com
bat.bing.com
3 ads.avct.cloud 3 redirects
3 www.facebook.com
3 static.adsafeprotected.com imasdk.googleapis.com
www.thestar.com
3 unified.adsafeprotected.com imasdk.googleapis.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 timber.sendtonews.com embed.sendtonews.com
3 s0.2mdn.net imasdk.googleapis.com
tpc.googlesyndication.com
3 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
3 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
10230056.fls.doubleclick.net
3 p1.parsely.com cdn.parsely.com
www.thestar.com
3 fonts.gstatic.com news.google.com
fonts.googleapis.com
3 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
3 embed.sendtonews.com www.thestar.com
embed.sendtonews.com
3 www.googletagservices.com www.thestar.com
92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 unpkg.com 2 redirects www.thestar.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 sb.scorecardresearch.com www.thestar.com
3 prebid.the-ozone-project.com www.thestar.com
prebid.the-ozone-project.com
3 fonts.googleapis.com www.thestar.com
embed.sendtonews.com
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 simage2.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pixel.rubiconproject.com
2 crb.kargo.com elb.the-ozone-project.com
2 ade.googlesyndication.com
2 px.ads.linkedin.com 2 redirects
2 cm.adform.net 1 redirects
2 snap.licdn.com www.thestar.com
snap.licdn.com
2 ap.lijit.com
2 dt.adsafeprotected.com
2 match.sharethrough.com
2 s.pinimg.com www.thestar.com
s.pinimg.com
2 10230056.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 pixel.thestar.com connect.facebook.net
2 ssbsync-global.smartadserver.com 2 redirects
2 r2---sn-4g5lznls.c.2mdn.net
2 gcdn.2mdn.net 2 redirects
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 px.moatads.com www.thestar.com
2 cdnjs.cloudflare.com embed.sendtonews.com
2 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
2 api.thestar.com www.thestar.com
2 connect.facebook.net e377.thestar.com
connect.facebook.net
2 s.thestar.com resources.thestar.com
2 region1.analytics.google.com www.googletagmanager.com
2 dpm.demdex.net resources.thestar.com
www.thestar.com
2 z.moatads.com www.thestar.com
sejs.moatads.com
2 torstar.blueconic.net e377.thestar.com
1 simage4.pubmatic.com ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 um.simpli.fi ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 alb.reddit.com
1 www.redditstatic.com www.thestar.com
1 analytics.twitter.com
1 t.co
1 static.ads-twitter.com www.thestar.com
1 fundingchoicesmessages.google.com www.thestar.com
1 csi.gstatic.com imasdk.googleapis.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 ad.doubleclick.net www.thestar.com
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 htlb.casalemedia.com d29xw9s9x32j3w.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 csm.eu.criteo.net ads.eu.criteo.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 secure.cdn.fastclick.net www.thestar.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 ads.eu.criteo.com 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com www.thestar.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 d15kdpgjg3unno.cloudfront.net embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 media-cdn-eu-central-1.app.delivery www.thestar.com
1 engagefront.theweathernetwork.com www.thestar.com
1 images.parsely.com www.thestar.com
1 cm.everesttech.net 1 redirects
1 torontostarnewspaperslimited.demdex.net resources.thestar.com
1 api.parsely.com www.thestar.com
1 i.viafoura.co cdn.viafoura.net
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 mb.moatads.com sejs.moatads.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1 cdn.petametrics.com www.thestar.com
1 d1z2jf7jlzjs58.cloudfront.net www.thestar.com
1 d1nxn87txdj54y.cloudfront.net www.thestar.com
1 adserver.pressboard.ca www.thestar.com
1 d5phz18u4wuww.cloudfront.net www.thestar.com
1 static.app.delivery www.thestar.com
1 torstar.gscontxt.net www.thestar.com
1 sejs.moatads.com www.thestar.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app www.thestar.com
1 accounts.google.com www.thestar.com
0 dmx.districtm.io Failed
489 153
Subject Issuer Validity Valid
*.thestar.com
Trustwave Organization Validation SHA256 CA, Level 1		 2022-09-27 -
2023-10-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.the-ozone-project.com
Amazon		 2021-12-23 -
2023-01-20		 a year crt.sh
bc.niagarafallsreview.ca
Amazon		 2022-02-28 -
2023-03-29		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
viafoura.com
Amazon		 2022-09-07 -
2023-10-06		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.blueconic.net
Amazon		 2022-07-08 -
2023-08-06		 a year crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-08 -
2022-12-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.pressboard.ca
Go Daddy Secure Certificate Authority - G2		 2022-03-17 -
2023-03-17		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
cdn.liftigniter.com
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.prmutv.co
R3		 2022-09-28 -
2022-12-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
api.permutive.com
R3		 2022-10-18 -
2023-01-16		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.liftigniter.com
R3		 2022-10-09 -
2023-01-07		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.studiostack.com
Go Daddy Secure Certificate Authority - G2		 2021-11-16 -
2022-12-18		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.kumulos.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-03 -
2023-06-02		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
s.thestar.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.ozpr.net
Amazon		 2022-05-08 -
2023-06-06		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-07 -
2022-11-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
engagefront.theweathernetwork.com
GTS CA 1D4		 2022-09-08 -
2022-12-07		 3 months crt.sh
*.app.delivery
Sectigo RSA Domain Validation Secure Server CA		 2022-03-18 -
2023-03-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
wrapper-vast.adsafeprotected.com
Amazon		 2022-10-18 -
2023-11-15		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
pixel.thestar.com
Amazon		 2022-06-08 -
2023-07-07		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.dev.kargo.com
Amazon		 2022-03-01 -
2023-03-29		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 31 frames:

Primary Page: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Frame ID: DD38F43000722160BF536F40769AD057
Requests: 291 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: B5410A7F4F20582F410AF8A9C5710290
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
Frame ID: 8E3A30F566086F022B83D11532F34065
Requests: 13 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 1A52B18C9A67A8235125ABE2717B2891
Requests: 1 HTTP requests in this frame

Frame: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5B69DA86AE851BD224320D4B93A07FC0
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: D6F9875B33544B14C006A06B8162A969
Requests: 16 HTTP requests in this frame

Frame: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 63143934F128AFA924B309DE3BF706E2
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Frame ID: 8500541004819FB39B908AAABA1F0932
Requests: 25 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Frame ID: 81A3474E918475F414360E9A795831CE
Requests: 21 HTTP requests in this frame

Frame: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1ADEF3D3CBA86002EE34800F1A1E53DC
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Frame ID: E1CA3C87521BA87619CB9C16092F2D44
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 28CE01E16809E6DA71762F7F18C87C55
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B2EDF1586D2EBCBF4A3F7D5609D76244
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FD440CF45E0D655C452DE999DFDAA5E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 231CC486BB9466523F68EED36BA65736
Requests: 3 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283466&bidder=ozone
Frame ID: EBEFCB767C124EE4BCD7CE464AA4FBFA
Requests: 19 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283639&bidder=ozone
Frame ID: 60CFB9479637749C6143EF66916D976B
Requests: 19 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html
Frame ID: A14C9A802A5D20B69221819C447B259E
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FE0450B8AAB81BB29282B69B19EE3887
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 43B0369800FCC2D28435EB2C961581E8
Requests: 3 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: EBC49DBEFAEFBA9D53D1C4B6BB1C44DC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E0C5D1E176215D1D5A5819D9C76BF5D6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: A891399687E85805A42505EE3DB6FC57
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: B1EEF3FC1651888B81225280CD97E28A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent=
Frame ID: B591167FAB9B2F71A7D271D2907E97C2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4096643420325195087
Frame ID: 7B6B394D7C0430151A6D4C367FE23433
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5&gdpr=0&gdpr_consent=
Frame ID: CB59E16815D6AA041241CB2D56DBF9AC
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 61E8CE6FEA35E02C36ECFCEF9B3F6A92
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4536031174513561289&gdpr=0&gdpr_consent=
Frame ID: E0B6F22D7C81A68DB16266C38DBFBC15
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BA52048C-5871-4C6A-B043-70002AB68E8E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B7313F06E5E3B5349F7227EA050E3316
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 927B613B452DCD489811CB5B749984E1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Toys ‘R’ Us reportedly in talks to sell Asian business | The Star

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • dev\.visualwebsiteoptimizer\.com/?([\d.]+)
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

489
Requests

92 %
HTTPS

36 %
IPv6

80
Domains

153
Subdomains

130
IPs

10
Countries

9107 kB
Transfer

22770 kB
Size

126
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://unpkg.com/web-vitals HTTP 302
  • https://unpkg.com/web-vitals@3.0.4 HTTP 302
  • https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.iife.js
Request Chain 109
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=463058&publicationId=thestar.com HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
Request Chain 129
  • https://cm.everesttech.net/cm/dd?d_uuid=14240018064253447653102446654314007268 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1yS0wAAAIj0ZAN-
Request Chain 306
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 355
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4536031174513561289
Request Chain 360
  • https://gcdn.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/BB5C91E251EC15BEF85A296A442C4709099CF246.C7403AF6B31C8A44954D928F13614971B4854BA/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/29BCEF4BE15B1D84FAF2BB3A342B844B33CB348A.0D4D8A01BA09C7F1FB0C3F97AD79A2EC162F9352/key/cms1/cms_redirect/yes/mh/bt/mip/2001:ac8:20:3c00:1012:47c7:791a:5595/mm/42/mn/sn-4g5lznls/ms/onc/mt/1667011242/mv/m/mvi/2/pl/49/file/file.mp4
Request Chain 361
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=551361706835419416
Request Chain 374
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=db35623b-072d-445e-9881-1e18671d51e2
Request Chain 375
  • https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html HTTP 302
  • https://10230056.fls.doubleclick.net/activityi;dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html
Request Chain 384
  • https://gcdn.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/BB5C91E251EC15BEF85A296A442C4709099CF246.C7403AF6B31C8A44954D928F13614971B4854BA/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D854B60A637339D7304F7913020B7272F603A78.80C99930E76C927B14441B85EE6C4B7A72924578/key/cms1/cms_redirect/yes/mh/bt/mip/2001:ac8:20:3c00:1012:47c7:791a:5595/mm/42/mn/sn-4g5lznls/ms/onc/mt/1667011015/mv/m/mvi/2/pl/49/file/file.mp4
Request Chain 399
  • https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID&verify=true HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-VOwn.8FE2uEvuT4iBmDXHrdQnj48M4gxGjaL7ZM-~A&gdpr=0&gdpr_consent=
Request Chain 408
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=6a29b9e4-982b-41b8-9a1e-f22d90afd278
Request Chain 414
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1667011287203&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1667011287203%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252Fbusiness%252F2018%252F02%252F27%252Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1667011287203&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1667011287203&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&liSync=true&e_ipv6=AQK-LJ0cDycisgAAAYQhnZqM2OF6zs-vHHXQU5T-xfAQQ-pQuqN0Q154WvlwN3m0jrgUnNvkMb0EHdu8EL-csYMoKCccIQ
Request Chain 418
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y1yS11lnQTH976n2g0.ScwAA%265150
Request Chain 428
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y1yS11lnQTH976n2g0.ScwAA%265150
Request Chain 436
  • https://pixel.adsafeprotected.com/rfw/st/1215946/66419885/skeleton.gif?xmtp=v&xmapp=0&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b&bidurl=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&ias_campId=1009465732&ias_pubId=&ias_placementId=18585806795&ias_chanId=1&ias_dealId=&ias_impId=v4~~ABAjH0jGizbQ-ziBFHONsVfqS-Lv&ias_dspId=3&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmI0AEoGqfMX6w-1xK6EL3qa8d_kZCpGWIeUM-tcJuDAIw0-3bdiVjhzWF6LXPHtes4jiHCW5J7bORa4gOT-P1jY_NOh2uD4j7FyJqGRn1loJqksfgceOvqq6YyB0m9Odn2Tn6IC_ofjTf1oDAIZ9jyJPSjL8g4tw&sai=AMfl-YSjbAWte70PrG-Bu859YjNx_G35vGWEm1VoJKnOVBRyAU_JXmun7LI4xQ-KK5OH95rRbvU9Oaht9415WUtfEswuNK5HlJ_HYy58VWdYQY8kppNvzUInpoFbMifimfaw9A&sig=Cg0ArKJSzJXfdI2GMzGqEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&urlfix=1&vt=13&sdkv=h.3.541.0&adurl=&ias_xappb=&mon=66419885&redirectedRetries=0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b
Request Chain 446
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f3214700-af5f-4307-9590-235db4f78553
Request Chain 447
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4536031174513561289
Request Chain 449
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=261800225416912313622
Request Chain 455
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=6a29b9e4-982b-41b8-9a1e-f22d90afd278
Request Chain 456
  • https://c1.adform.net/serving/cookie/match?party=14&cid=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent=
Request Chain 457
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4096643420325195087
Request Chain 458
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5&gdpr=0&gdpr_consent=
Request Chain 460
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4536031174513561289&gdpr=0&gdpr_consent=
Request Chain 461
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BA52048C-5871-4C6A-B043-70002AB68E8E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BA52048C-5871-4C6A-B043-70002AB68E8E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ulIEjFhxTGqwQ3AAKraOjg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 463
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4745635c-92d7-4b00-8e10-57390f527df2
Request Chain 464
  • https://pixel.onaudience.com/?partner=214&mapped=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 465
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkE1MjA0OEMtNTg3MS00QzZBLUIwNDMtNzAwMDJBQjY4RThF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 466
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiXD2NYhIEcoVAcVaB8fdI&google_cver=1
Request Chain 468
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8171572046384742186
Request Chain 471
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f3214700-af5f-4307-9590-235db4f78553
Request Chain 472
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADeD07GuSYAACHWSnX6dw
Request Chain 473
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=db35623b-072d-445e-9881-1e18671d51e2
Request Chain 475
  • https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-VOwn.8FE2uEvuT4iBmDXHrdQnj48M4gxGjaL7ZM-~A&gdpr=0&gdpr_consent=
Request Chain 476
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5bf99270-0e16-4a50-8b70-662ddc5d9338
Request Chain 479
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=551361706835419416
Request Chain 480
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5bf99270-0e16-4a50-8b70-662ddc5d9338
Request Chain 481
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=261800225416912313622
Request Chain 482
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADeD07GuSYAACHWSnX6dw
Request Chain 483
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8893972195487942222

489 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request toys-r-us-reportedly-in-talks-to-sell-asian-business.html
www.thestar.com/business/2018/02/27/ 		117 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
3be8db3fc54e689b718a5ca13c25305cc400b9519f96193225d19c44da5f62f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://amp.thestar.com
age
4
cache-control
max-age=180
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 29 Oct 2022 02:41:16 GMT
etag
W/"1d521-qGKxCZASMT1tZU1/JeT4daYW/1w"
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
vary
Accept-Encoding
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-id
opTK6tfg5SEC5J0OP6Rs6-JI86R6SZNJxsIv2lhBYTkJJL1yNRCjjw==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
x-frame-options
SAMEORIGIN
x-powered-by
Express
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 01:58:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Oct 2022 02:41:21 GMT
TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 		24 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:13:30 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8871
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"6028-183f0b01498"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
svHaidZc0xd7NeGVUgKQWbN6UikGL4XxMtnE6NSmgA6eagNWjistNg==
TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:59:51 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
9690
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18316
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"478c-183f0b01498"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
ckI0h6yEO5Cd3M0b1JO4AwU6yfKP_A0FByAKlTwb8A9sb5hdAiuV_w==
TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:55:26 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
6355
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18276
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"4764-183f0b01498"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
W-TRqegiw46HQJqAiepH7tCNc1bVCZ97DDYQkTugO9Ic33Rq-X1wzg==
TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:32:11 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
7750
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
19052
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"4a6c-183f0b01498"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
5XAC_unFf-FChnS0Yr1CAwTwsRPmlpTYlFWYguc42B9_yeWmns4Pkg==
TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:29:14 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
11527
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18736
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"4930-183f0b01498"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
-MSZc8UrjNZqnbb1mAJaKtWn0JL2xEFigVIj0P9XWIivfBbWOgkhow==
MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:45:10 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
3371
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
55032
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"d6f8-183f0b01498"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
8SEjOvL4wYiRCC4aL0qskrP6BpGk61URLc1IocBosy8z2KKxJARAcA==
MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:50:23 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
6658
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
53664
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"d1a0-183f0b01498"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
_sNh-jIWyDtI9yDaxMzf1ixfPneMYmXpSzDCYpYSaKllECNT6ZURtg==
MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:59:51 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
9690
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
56380
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"dc3c-183f0b01498"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
j58aZBAyhPnAXIZ3Ejj0W3xmBZLDOiMi1slgqN0JzdV_74ck6Pcg9A==
MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:59:51 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
9690
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54800
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"d610-183f0b01498"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
Xhh4QHv-qz1raCjZTkAtKtuSG91myshimMmxJkbmedHSoP2Wv_hWEg==
MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:59:51 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
9690
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54304
last-modified
Wed, 19 Oct 2022 14:40:15 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"d420-183f0b01498"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
BfY0zcyn9kvTdw7cli-tK1UXIsREvPm02f-l1VzJrJPMzgKevKxOfg==
toronto-star-adunits.js
prebid.the-ozone-project.com/hw/torstar/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1a00:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 04:31:57 GMT
content-encoding
br
via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 02:13:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
79764
etag
W/"47ec15276ab051ddd124dd65b61efb8f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
sO8f9Mrb7-QPCzZ9VnglRzfFwunYD_Ldo6uanP-xEZ5T8wb1zF81Bw==
script.js
e377.thestar.com/ 		137 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/script.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
c186fd0a9017e1bec987d2f06eb0028e4a91e7166eb181b526f64d4a8ce03b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
age
550
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
41643
x-xss-protection
1; mode=block
last-modified
Wed, 26 Oct 2022 03:57:46 GMT
server
-
etag
a52db7ccfb947abdd2ddaf1b05df42fa
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
yRtIcUqHC_8rAUZVr4-5fEZ4jTIok2KffV85NkrjocuwFceQ0Wv04g==
expires
Sat, 29 Oct 2022 02:42:11 GMT
swg.js
news.google.com/swg/js/v1/ 		150 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd7c76c649d5516810b9f8ec8680bc31d20014124f58517b241e6c208ad760a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47140
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 16:10:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 02:52:20 GMT
swg-gaa.js
news.google.com/swg/js/v1/ 		71 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-gaa.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef9954f9efaeb921c0507502acc686a052c11ed61a6fdd9f6100f7b68ef3151f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:14:22 GMT
x-content-type-options
nosniff
age
1619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72906
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 16:10:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 03:04:22 GMT
client
accounts.google.com/gsi/ 		191 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
570a0988755ed679ee57c73669c72ce35925d151760b3da59adee3b57430defd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PMjXQdm-snAkXPwcwAN2EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-PMjXQdm-snAkXPwcwAN2EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 29 Oct 2022 02:41:21 GMT
vf-v2.js
cdn.viafoura.net/ 		762 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f53d2b946d632342cb88f35d1cd810f991c7e80f7a363310464af73132235e77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
Ar9zYwFcbUMzinL.1_a4jMAz7htegq0w
content-encoding
br
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date
Sat, 29 Oct 2022 02:38:21 GMT
x-amz-cf-pop
FRA2-C1
age
185
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Oct 2022 15:07:40 GMT
server
AmazonS3
etag
W/"0f22a5b1318807bef2f9a45cc8e59e3d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
NgqoHsVn0J8nrtbE1K4jhc5ik_lZyqS3PWdj3J8PXOo7-kEDQ5EM7A==
72.css
www.thestar.com/static/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/72.css?v=7db92b637058f6d7a9ef
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
adf4a7ef4e7dedcbcacd0dba7dd2cdff51f09f6add450cbe42936bdbd8591b2d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:53:57 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
28044
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:46:53 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"19a0-183f0b62748"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-id
hveWy4X6dxNC00O4Im6O6me_EprSz8VYtOCdhfUE0a3MDSum4fQ8dQ==
bundle.css
www.thestar.com/static/ 		404 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/bundle.css?v=2617d2028b90eff31a57
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
33b6cdd4029dec60edf07301ff36d5bdc1ec9579701d5e5d0315f8544d2a7a88
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:53:57 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
28044
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:46:53 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"64fcd-183f0b62748"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-id
RvXEkjEJelMGxjR_jHZsEft11p_Gh1mPqbCwxsLPRd23V311mEVlJg==
be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 		518 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:92f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d12a793e16810312243c3f04a1d0eb87ba29436acfc0a047bc12068ae1cedad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
be54a597-6b6d-4e2d-9d31-642310a8db25
age
108
x-guploader-uploadid
ADPycdsfrI2XGJYqtV-i5PDC3d6-dbZBNumkZ17M7xgtbe9rhHU7wd_0DdKNP3h6Ywrs1-h8f0gb5Ma7yrUoSE1d75Xxlw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 29 Sep 2022 17:33:45 GMT
server
cloudflare
etag
W/"cd1cf2d9e442cf00cf3633544b2ae5a3"
vary
Accept-Encoding
x-goog-generation
1664472825771258
content-type
application/javascript
x-goog-hash
crc32c=2nCz3Q==, md5=zRzy2eRCzwDPNjNUSyrlow==
cache-control
public, max-age=900
x-goog-stored-content-length
137332
cf-ray
76188d3e3ecc9b6a-FRA
expires
Sat, 29 Oct 2022 02:56:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
075f0b96d3f5faf88ceadde797d80b24f65331ed73b6787306aad4823b6c16b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27393
x-xss-protection
0
server
sffe
etag
"1377 / 570 of 1000 / last-modified: 1666994710"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Oct 2022 02:41:21 GMT
yi.js
sejs.moatads.com/torontoprebidheader623296055317/ 		251 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6bff897e85e41773fff1825d4263820292c1922637de90cc8aa9321b11d2d509

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:21 GMT
Content-Encoding
gzip
Server
AmazonS3
x-amz-request-id
AH70BPW8FKP3YWF1
ETag
"b3d91a31437661b7564e1f6702666926"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=16223
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
Ti2dvRVqRc7YVToKGF0eZaaw6BC5FWs010I5pWe/VjKFZtRzrxnASdDCLuERYB+jD6OKeJu764A=
ads.js
www.thestar.com/assets/js/ 		22 B
492 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/js/ads.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:22:54 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
1107
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
22
last-modified
Wed, 19 Oct 2022 14:40:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"16-183f0b01880"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
NH38ngDfscrGfB2CDO3y9JjosagPk5dOcnnH71ZObI5K0gt_mxakbA==
logo-toronto.svg
www.thestar.com/assets/svg/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/logo-toronto.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:49:56 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
6685
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:40:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"1df3-183f0b01880"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
BaTQJpwDm7qM2qhtaMZonNaasB66zSzusU6wJlcfEfNI1HaOEDio9Q==
logo-round-thestar.svg
www.thestar.com/assets/svg/ 		589 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/logo-round-thestar.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:55:26 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
6355
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
589
last-modified
Wed, 19 Oct 2022 14:40:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"24d-183f0b01880"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
kyTXtml7XG0v08zXJ71ot4iZMlSGpONn30LfUlDA3ta03C-Ve7icmg==
toys_r_us.jpg
images.thestar.com/aGkeytGebjNlnBcBzlZ2cAm0qUs=/1086x724/smart/filters:cb(2700061000):format(webp)/https://www.thestar.com/content/dam/thestar/business/2018/02/27/toys-r-us-reportedly-in-talks-to-s... 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/aGkeytGebjNlnBcBzlZ2cAm0qUs=/1086x724/smart/filters:cb(2700061000):format(webp)/https://www.thestar.com/content/dam/thestar/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business/toys_r_us.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
61d3e84ce928ca29ac6e37922d62d6b9423862506ca7bd4bdc71d96454927c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:45:01 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
53781
etag
"d29f8f475dddfe1d3d27f84e826c1b8e6b66f41e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
32872
x-amz-cf-id
SJm0ky1H-d9OaLeUbhpV7-4KWtH51tzZeJmTnZi03FvxQa3FGm8kDA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
brandmark-thestar.svg
www.thestar.com/assets/svg/ 		263 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/brandmark-thestar.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:59:53 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
9688
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
263
last-modified
Wed, 19 Oct 2022 14:40:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"107-183f0b01880"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
xSPN8O1XHtWb26cuKcVkx3waaqNH44LwYVtQ8HXPTrijgUz9R3uRiQ==
app-store.svg
www.thestar.com/assets/svg/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/app-store.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:21:44 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8377
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:40:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"1e63-183f0b01880"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
5edqe3TOvMwX-hMm9hAsqZqQ_gKleLPd2L-iHOc2DUkow1nWXcEtUg==
google-play.svg
www.thestar.com/assets/svg/ 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/google-play.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:32:11 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
7750
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:40:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"2859-183f0b01880"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
iMIe1dh0rARb6KWYVFbvzTMh8qUItXojrJZPa0yvTf-BccmtVaofAQ==
vendors~bundle.chunk.js
www.thestar.com/static/ 		2 MB
567 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
d83f535ee31b4e368700e1252f8876bf7cd65e3171a441694dfd5c201e00056b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:39:35 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
105
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:46:53 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"20091b-183f0b62748"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-id
IZ8eag99xQanSjI4QXffx1C17akHUj7eylwQc5K-px0BPVvsh8imaw==
bundle.js
www.thestar.com/static/ 		1 MB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/bundle.js?v=7c973773
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
c2a10d3c3f51ffe99ee749f3c52c4aeb135841a0a90cfcf6a9c9070de9c61f16
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:39:35 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
105
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:46:53 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"136b56-183f0b62748"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-id
vdELGvtESwryZwMRzk7CZv7Mqppfc10F644lktjySwvD31dyInQ8fw==
StnSmartPlayer.chunk.js
www.thestar.com/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/StnSmartPlayer.chunk.js?v=aca79c8e
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4efb7c89f8de72e8351578a6cc851271e73738acd5d74abd24c3d84ead589c20
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Wed, 19 Oct 2022 14:46:53 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"bb9-183f0b62748"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=300
x-amz-cf-id
G-XGXwwKdxKSyVFOWEoUHo_u14xRHwrRB_62SOC6WPINPD-4fVak5w==
ozpb.js
prebid.the-ozone-project.com/hw/torstar/ 		203 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1a00:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 06:23:25 GMT
content-encoding
gzip
via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 18:26:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
73077
etag
W/"e08e5a6e68f37184e1c046d32d471d44"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Un3zVJ_2T6jGjH-lKQwG4FjnUeDqujqgOGlVZPCWu4QElt24No4ejw==
ozp_global_int.min.js
prebid.the-ozone-project.com/hw/torstar/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1a00:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 08:10:31 GMT
content-encoding
gzip
via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
last-modified
Thu, 28 Apr 2022 14:10:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
66651
etag
W/"c6e67d08c7c4a89b3155020045b68eb1"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
wtg7lfcjOPMAcHkTCpZiPv24Ytafbhdol69fhbWJg7jfWlkT2PN29A==
cs
torstar.blueconic.net/DG/DEFAULT/ 		16 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json514
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.55.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-55-37.compute-1.amazonaws.com
Software
- /
Resource Hash
f1d7f44882e5fd7ab03dac44edf1a66d949d898e0256a72cf85b1d2766470e35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
channels.cgi
torstar.gscontxt.net/main/ 		218 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.123.32.111 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
dd7c9c756f61ed3d8e15a9e2a0d8a37ce2f73e5ec5e0b81b925d77150bc25a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
218
Content-Type
application/javascript
launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
resources.thestar.com/ 		353 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f8c7ed315896ae1847b5e4394989c4bfb01af9354374a4775eed1372aa52732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:53 GMT
x-amz-version-id
y07VZk0qQ2bHJPd5b228UpDxquZDGJn5
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:38 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"567f596933e87a4086b111766b64145f"
age
509
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
BuMIZgBUkGvW4LYDK45qHsIrHDg_HGNiTnshzzbmt4kMRgkLX-c8WA==
main.js
static.app.delivery/sdks/web/ 		128 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.app.delivery/sdks/web/main.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:490d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3120
content-encoding
br
last-modified
Fri, 26 Nov 2021 12:00:54 GMT
server
cloudflare
etag
W/"61a0cc76-200b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG0ggl%2FLRRI%2F7GyVKdzUVsWbJoqw2AbGjgscUKxU5xH0X6jmxBNOxhC9zlZEWwAPDYPlRzt5Qo0soKzy13vswO%2FHC2M3pO%2FuKFu3XMHDc7s5ozfvjCXGserXc%2BmD1zhHJKyQZmx8Oilhfi5KIP6nic4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
76188d3eed5490c4-FRA
expires
Sat, 29 Oct 2022 02:49:21 GMT
gtm.js
www.googletagmanager.com/ 		251 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d09bedcf2c8d8b689b404dae2586fbbc8ccf2fe654bdf333d2f784a17320151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89466
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
js_visitor_settings.php
dev.visualwebsiteoptimizer.com/deploy/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&random=0.725317275175883
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
d0493ff5fb61c24be19663e94056b79abe44db03363f132cf1d7a9ce048247ca

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 29 Oct 2022 02:41:20 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&random=0.725317275175883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
f13e3e49f7b33a78cc96b034a28385ee1e50eb8af5d3d65fbe710bf29adcbefa

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 28 Oct 2022 15:08:25 GMT
server
gfra1
etag
"635bf069-e80"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3712
opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
dev.visualwebsiteoptimizer.com/analysis/4.0/ 		109 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&random=0.725317275175883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
a5bed1ceff369bc938c0d237be1f37f7c8215e53cc31fba769b1aff7cb4b9832

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 28 Oct 2022 15:08:15 GMT
server
gfra1
etag
"635bf05f-6f3c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28476
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=DA8E7058B48AA4FEBDE4C6809D6F95471&h=8718d7d9342e7567d51ec84632b2ac11&r=0.3127663682897204
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:21 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
vis_opt.js
d5phz18u4wuww.cloudfront.net/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-76.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 29 Oct 2022 02:19:25 GMT
Content-Encoding
gzip
Via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 May 2019 08:14:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
1675
ETag
"85932b0cd7c8dce121fa1923529a3189"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57240
X-Amz-Cf-Id
yu_rvs3v8AXLA98czJX4Ya1o6Q4D4lYqajArUIDgTfKcwBQCXZ72Yw==
vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ 		226 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by
Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
b5ee1f823a5b57157bf1e9e88ca7b16553d85128b73acd7f92c7b3147c24dcd1

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 29 Oct 2022 02:41:20 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 28 Oct 2022 15:08:25 GMT
server
gfra1
etag
"635bf069-feff"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65279
embedder
adserver.pressboard.ca/v3/ 		351 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:21 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
351
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
moatcontent.js
z.moatads.com/torontocontentstarcontent37863992/ 		165 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62
8096267
date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:22:35 GMT
server
AmazonS3
x-amz-request-id
31EA48740775C598
etag
"491121b0fb1268b17bdb2c53880291f2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=19070
accept-ranges
bytes
content-length
54912
x-amz-id-2
8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad5fc1a1f2e9f61750da7c5f657b4555458014b20726b06d78d3d2c1e60ee392

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 28 Oct 2022 15:08:15 GMT
server
gfra1
etag
"635bf05f-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 04:05:49 GMT
content-encoding
gzip
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
81334
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
fJyQCAhNpKwPmKOVYfkVgW9-Y0njuGeFZhqz3E72lG_LWzib4Bi6qQ==
/
d1nxn87txdj54y.cloudfront.net/ 		43 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-171.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:23 GMT
Via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
Last-Modified
Mon, 22 Apr 2013 19:31:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
RefreshHit from cloudfront
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
fgytOolNNzgCb0n5nmwYxBY3jFLNcdEfVqOQdNY1tsn7oRAsyw6kSA==
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-201.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 04:25:56 GMT
Via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Age
80125
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
YL8LJkBhO8z5aBJVVhfAtWMwprhduSk3E_OMFTeVus1hViJvAiAOcg==
Expires
Sat, 29 Oct 2022 04:25:56 GMT
q9fqmmutk5a97trs-nbc.js
cdn.petametrics.com/ 		158 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=463058
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eeb0699c78d59c010277b0e15346b23ca8253cc9daccfc5be3cd22e7b068ba2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
x-amz-version-id
LckRkWNbGAnMM4fPWbwH3UMp93SHfXGQ
last-modified
Tue, 27 Sep 2022 01:29:26 GMT
server
AmazonS3
x-amz-request-id
WD9ME9TZS398DZJ0
etag
"5c0507320302161578b77871f0306c36"
x-hw
1667011281.cds320.lo4.hn,1667011281.cds310.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=31536000
accept-ranges
bytes
content-length
47144
x-amz-id-2
eaj7bXnlrSJlgRSfImFcpt0ud1G7e7HnNbtKHmgEg5nPe9seafK0AY21Jn98jfbWOkHD4o58gIs=
apstag.js
c.amazon-adsystem.com/aax2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:39:35 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 19:24:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
107
x-amz-server-side-encryption
AES256
etag
W/"95738dd931cd70a132d12a456f44b79f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
JxXGK89EtzfPOASlmTQiAUOFKl48QBA2vdMtR76fiW-OOK8jlYrCqg==
material-icons-outlined-all-400-normal.woff2
www.thestar.com/static/assets/ 		126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?v=e4106b07
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/72.css?v=7db92b637058f6d7a9ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
afa2d43bc5235e019048bf8eeb242859a5beff1fa165621f8deaa6385b799951
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/static/72.css?v=7db92b637058f6d7a9ef
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:07 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
14
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
128844
last-modified
Wed, 19 Oct 2022 14:46:53 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"1f74c-183f0b62748"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
metNnTLNSnoaCc4xx7P80WYe3SJunfV-6EY_-QVyUeTNFBGvpWG7aw==
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:1a08:46f1:fe35:b27f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.thestar.com
access-control-max-age
1728000
cache-control
max-age=0
date
Sat, 29 Oct 2022 02:41:21 GMT
expires
Sat, 29 Oct 2022 02:41:21 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:1a08:46f1:fe35:b27f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9be56ae32ed3b23a83fee4cdbbcb1709dbf91f7839076499f8ba1becdb59e87b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0b442a8d861d285c5
pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 29 Oct 2022 02:41:22 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:18:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 03:13:31 GMT
pubads_impl_2022102501.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130606
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 08:35:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Oct 2023 15:48:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		203 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
expires
Sat, 29 Oct 2022 02:41:21 GMT
pxid
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 		46 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
148e13f7ffee46391cbdd053f322ce5c3301ff122f0df8f0181eeb8b37a704a0

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:21 GMT
AN-X-Request-Uuid
37f248ef-4ae6-4892-a0a4-72b9661f25b0
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
geoip
api.permutive.com/v2.0/ 		208 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0e50f904b3c461eafe5cf6709d20a4864a28dd9c23380a817d2f36fba17e073b

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
f5bc2b67-13e2-4d4d-a986-035e5e0001dd
https://www.thestar.com/ 		295 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/f5bc2b67-13e2-4d4d-a986-035e5e0001dd
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe1eed906249930e566a570798b42f30a0ce505843ac3c5fd5d57c1019cc8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
302509
1a4fd6cd-da2d-44c7-9926-11e22b4ce505
https://www.thestar.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/1a4fd6cd-da2d-44c7-9926-11e22b4ce505
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f1c454245f6b88cd1b68985b0da1da07b13724f93e8a8b00277ead790b6c8a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
20393
v2
mb.moatads.com/yi/ 		454 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Ue4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-Pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&pcode=torontoprebidheader623296055317&rx=418172946944&callback=MoatNadoAllJsonpRequest_85660678
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.207.2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-207-2.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
8296bd87355ec1b07efa5b01bddc162a77fd7986b99f13cde1a3a93803ef9f75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"6216b86ce2e2f946a054bf9792778529d7b1939b"
content-length
454
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame B541 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1167
content-length
1374
content-type
text/html
date
Sat, 29 Oct 2022 02:41:21 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1667011281991&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&c8=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&c9=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:21 GMT
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
AK6oXRwkJtO4ozrPtGCmVLk0OS3JC6mkhLI_sv97tmpbckocyWbB8g==
x-cache
Miss from cloudfront
p.js
cdn.parsely.com/keys/thestar.com/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/thestar.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-85-39.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
public
date
Fri, 28 Oct 2022 05:37:06 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 01:41:35 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
age
75856
etag
W/"62b5164f-12236"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
n1UP2CRKYVmdisvAMNXtPLYixrOtsDokjOOzVKuIpIkgKaHF1UC_Og==
expires
Sat, 29 Oct 2022 05:37:06 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:30:04 GMT
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
7878
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
cGUKEi8JGSFnuQXSZk51cO3NszO2XXgiXt7o3LpUnR8gUBjhVcsQXw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding
gzip
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
date
Fri, 28 Oct 2022 03:27:13 GMT
x-amz-cf-pop
FRA2-C1
age
83650
x-cache
Hit from cloudfront
last-modified
Fri, 21 Oct 2022 19:58:26 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
DcK6z7XSLTgrJUa_11dZj7Wtu6vc9piqtJW5YEpB5SQn2JRJF5Qbaw==
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/ 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/__activity.gif?e=pageview&ct=Toys+%E2%80%98R%E2%80%99+Us+reportedly+in+talks+to+sell+Asian+business&ccu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tspl=1498&blst=1090&ist=1487&iet=1496&bdst=1090&bdet=1244&bcttt=16&jsfv=nbc&ts=1667011282061&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&uid=9da61d4c-a9ad-4539-ab67-8b7e271ce311&sid=e6963907-bb83-40e5-8e2a-ba342232a327&pvid=4bd23b6f-5014-4285-d1dd-baa1425459a5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F107.0.5304.87+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:22 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
id
dpm.demdex.net/ 		387 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1667011282081
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.246.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-246-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a454c37699f4c97fb7f986bc176e9b4563e6260b010bd9818cd696633f01baa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v045-027dff91d.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
QKQ3JRbtQmQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.thestar.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
324
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:33:00 GMT
x-amz-version-id
AtFbKziH8v25JgWRyxz1wmhqHZqW4Fkd
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"d860c16ac938f7d839f0ec158d02d0f0"
age
503
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
880YTK6DQumeO7q1dqeFGJt_ygAvpb5Jt2rqvfuGMtPPE854ZaPs5A==
AppMeasurement_Module_ActivityMap.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:33:00 GMT
x-amz-version-id
3.opRZ7cEiSUaeRJufBK5QKGL.fmmrgB
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"2d1382c349d480b6b41574ac0c1af066"
age
503
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
-UJjFGc7wMlPp0_oVZa0hupdi7n_n1nsSPJA1dE-JIg8Bn7J916EMw==
services
sr.studiostack.com/v3/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/v3/services
Requested by
Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3a77130af1d9e9c93dcebc6589f7087b3a4d4d95927fce9aba83d306b473ff8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:22 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
26227
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
06d20cae4b316519ee893468f185ef3fef779808e608522f500fe0d382c9273a

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Oct 2022 01:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5128
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 29 Oct 2022 03:15:54 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.0.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@3.0.4
  • https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.iife.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc2b5bddcf1a22673c3dca50357eb75f0767e259dae969fa3fcf2770d9b764d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
866598
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GFPZCJDWB1E508ZCT1RGXBY4-fra
server
cloudflare
etag
W/"1a3a-hcVpXUspBNC1/NAQABcyCbLFezA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76188d422d1a9a12-FRA

Redirect headers

date
Sat, 29 Oct 2022 02:41:22 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GGG4GDKE2R0B3S4A2403K5YG-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
22368
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.0.4/dist/web-vitals.iife.js
cache-control
public, max-age=31536000
cf-ray
76188d41fce79a12-FRA
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30563f133035e7ef6c38c2cf741e13fa80e2e7d6fd7eaa2947edfa8b430d0e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76635
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 02:41:22 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
152b4686b835e46fa906c498a2ed5a1295b97bb5cf96d929c9dc9ef4a4afe28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77141
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 02:41:22 GMT
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		86 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A22%2B00%3A00&ts=1667011282166
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
11241ea83d7af3e641272f8ce2b1820c0c467a516041320c474d43c73da1035e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
13941
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
f9wLyvZGTgXkGyX9UzlhwwXoheDxCVUsRW3vjpVlWhyCWpC21KbZfA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1737921555&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&ul=en-us&de=UTF-8&dt=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1185760661&gjid=2019486642&cid=24496825.1667011282&tid=UA-70431129-1&_gid=1868445829.1667011282&_r=1&gtm=2wgaq0P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&z=1912190957
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1737921555&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&ul=en-us&de=UTF-8&dt=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1519319374&gjid=392045867&cid=24496825.1667011282&tid=UA-73335503-3&_gid=1868445829.1667011282&_r=1&gtm=2wgaq0P86MZHL&z=422277525
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Expires
0
Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:22 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-data
sr.studiostack.com/track/ 		138 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e35fa568923155da5979d49969feade0028e96fd3ccfa3454dd65c16e257c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:22 GMT
ETag
W/"8a-p/n9rgM6U9mNK/UMXm0iOiPbQCQ"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
138
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Allow
POST
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Oct 2022 02:41:22 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
0
Pragma
no-cache
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
collect
region1.analytics.google.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=2oeaq0&_p=1737921555&_gaz=1&cid=24496825.1667011282&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667011282&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&dt=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Asset_Alias=toys-r-us-reportedly-in-talks-to-sell-asian-business&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=asset&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&up.Torstar_User_ID=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=24496825.1667011282&gtm=2oeaq0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=24496825.1667011282&gtm=2oeaq0&aip=1&z=243719795
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=2oeaq0&_p=1737921555&_gaz=1&cid=24496825.1667011282&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667011282&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&dt=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Page_Type=asset&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=toys-r-us-reportedly-in-talks-to-sell-asian-business&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&up.Torstar_User_ID=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=24496825.1667011282&gtm=2oeaq0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=24496825.1667011282&gtm=2oeaq0&aip=1&z=1491613573
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-70431129-1&cid=24496825.1667011282&jid=1185760661&gjid=2019486642&_gid=1868445829.1667011282&_u=YEBAAAAAAAAAAC~&z=632178486
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Oct 2022 02:41:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/events
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
strict-transport-security
max-age=15552000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
access-control-max-age
36000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
events
events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/events
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
strict-transport-security
max-age=15552000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
access-control-max-age
36000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
events
events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
POST
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:22 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
events
events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
POST
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:22 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
thirdpartycookie
api.viafoura.co/v2/www.thestar.com/ 		45 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:1a08:46f1:fe35:b27f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-instance-id
i-0b442a8d861d285c5
pragma
no-cache
date
Sat, 29 Oct 2022 02:41:22 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 29 Oct 2022 02:41:22 GMT
intl-messageformat.cabf9fcc20db4368f619.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.cabf9fcc20db4368f619.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:8800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47c463c69b819f261745d592cb09fd9e802a14d13aca70062094f1c990a15cdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:08:08 GMT
x-amz-version-id
wuC2t91WOK88mQOxEVITNR0.VTgrEif2
content-encoding
br
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
age
127995
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Oct 2022 15:07:22 GMT
server
AmazonS3
etag
W/"49c15b7ab9400549191c502b7a46857a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
vUtz6xKnTry-dUfflYDPE6p2A1QikRKwco0uvpSV9LYLrep3v8LaRA==
intl-messageformat.74777b3c5cd469365abc.js
cdn.viafoura.net/chunks/languages/ 		135 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.74777b3c5cd469365abc.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:8800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79af2a4f83ffb4de287d2dc876bcd08865dbed6d0e70a9bd52f45a421c23e555

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:08:08 GMT
x-amz-version-id
Pcgzgwz3VFhbE.D3izzRxDv62dByjvgQ
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
age
127995
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 27 Oct 2022 15:07:15 GMT
server
AmazonS3
etag
"cf6dc2d27fc9d53050baaa3092085166"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
p5om6mtZMATtp7EqAvCfwp_SZ0J5dlC2utn8gWkX6DC5H6oD64X-yw==
en-us-base-json.39c96c8731ba19b47976.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.39c96c8731ba19b47976.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:8800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4e144d0f7e3340b6b86f7a78d2ff3e271e62ef5367ebf3d62e364a2e1d8a095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:08:08 GMT
x-amz-version-id
sVQ.7ESj9RpTcVNnY2IwQgE4L1.KXzr8
content-encoding
br
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
age
127995
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Oct 2022 15:07:15 GMT
server
AmazonS3
etag
W/"08c341ce7db2241e4dc86292fc4119d7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
lta5x65QQiU-jiyKPUXzQS3HXJ18wmYpKRUVbR40icB5gK0W3AwHAg==
vf-css.29ffa624baeed7ffeb75.js
cdn.viafoura.net/chunks/ 		306 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.29ffa624baeed7ffeb75.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:8800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0a1f76723f7d8b0b92c628af386c0edc9ff33055ffcb812e33c6532cddb2cb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:08:08 GMT
x-amz-version-id
gD.S1xyA_mtrrlfRsVgZisol6zN4gM0L
content-encoding
br
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
age
127994
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Oct 2022 15:07:23 GMT
server
AmazonS3
etag
W/"4a57e8ff19dce9d4672d4a3d4e49b0f6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
B6DWm0Raiu5XVKPD7ZV0Dgu7RbiZYi2wxuRY35byVFYNQayO5Ek3zQ==
en-us-conversations-json.c5b87491d6131d717603.js
cdn.viafoura.net/chunks/languages/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.c5b87491d6131d717603.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:8800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4afbc0d323ef425664f3371b1e560662704b13db5c492cc1a5d21db74e95524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:08:08 GMT
x-amz-version-id
PJk97J_hmlmYtNxplzl7.KESNju_NFWX
content-encoding
br
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
age
127995
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Oct 2022 15:07:08 GMT
server
AmazonS3
etag
W/"225b386303314ab01882ff46c3aa32e1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ZhuGytjwLTKzzVwKSrFylJFoC_F26fvgDcsEC8x0O_1lPMHHkj02eA==
roboto-regular.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20eb:8800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:08:08 GMT
x-amz-version-id
agv1.DiuywVdOwrN9dZKThSZsHWi0VwW
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
age
127994
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
50240
last-modified
Thu, 01 Sep 2022 19:35:45 GMT
server
AmazonS3
etag
"184a2a669cf798f8d80bcfba041c3ecf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZcdLy9OY9d37jqszH_66r93FUyxc3Ml7wGO_0m9QPuTYmo0-NQEPxw==
ingest
i.viafoura.co/v3/www.thestar.com/ 		67 B
392 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/www.thestar.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.146.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-146-55.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Sat, 29 Oct 2022 02:41:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
c27c1f0a8bdf4182bf83cc2f2e72122c
e377.thestar.com/plugin/plugin/ 		193 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/plugin/plugin/c27c1f0a8bdf4182bf83cc2f2e72122c
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
68ae8509ef1db2e07b444696b2d8c6c9cc827bdf283bf805657172a6f0627378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
age
846140
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
43009
x-xss-protection
1; mode=block
last-modified
Tue, 18 Oct 2022 07:39:02 GMT
server
-
etag
c27c1f0a8bdf4182bf83cc2f2e72122c
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
K2k0hpscMJjJEXWNJhY7bHKEp7N8ukJll0hdbmwm4T2WpdJ1y8uBxQ==
expires
Thu, 19 Oct 2023 07:39:02 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=7c973773
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1378928ad08ba71f5d370a300b56117a3d710bd793a3c8546c1b3726fd5bfec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27396
x-xss-protection
0
server
sffe
etag
"1377 / 221 of 1000 / last-modified: 1666994777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Oct 2022 02:41:22 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 03:08:29 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 8E3A
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
  • https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
979c931ca5e8259497e7766f65f6ac1f4b3bc3db28e372c1fcb91d3282a86ce1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-oKNz3mnzoAsMyosR3Coquw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-oKNz3mnzoAsMyosR3Coquw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Sat, 29 Oct 2022 02:41:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-9oDeNz0f9GromAaOxk57YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
application/binary
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Sat, 29 Oct 2022 02:41:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
breakingnews
www.thestar.com/api/alerts/ 		19 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/alerts/breakingnews
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:39:36 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
age
107
x-powered-by
Express
etag
W/"13-dtK7HFxXRJGTWdPpmheUxDbkx20"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
content-length
19
x-amz-cf-id
I-L8R7-AxvzpJYFlF6-REG_d1Wa3P10Vy90J_d2MFPHhc9EiRVpsgA==
updates
www.thestar.com/api/alerts/ 		19 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/alerts/updates
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:39:36 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
age
107
x-powered-by
Express
etag
W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
content-length
19
x-amz-cf-id
Ed-oLFbCuFPMydHNO52EHofKa8qwiqtIDUWoEyMLx1iylQDJnLHbkw==
related
api.parsely.com/v2/ 		34 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.parsely.com/v2/related?apikey=thestar.com&tag=tlc_business&url=https:%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&limit=20&boost=views&pub_date_start=48h
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.226.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-226-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c9b1b60288569b0da753c8ddd5b2d63785aa2cfdb29e8a7899123b38d12bd194

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
server
nginx
x-cache-status
MISS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=120
expires
Sat, 29 Oct 2022 02:43:23 GMT
articles
www.thestar.com/api/ 		91 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/articles?type=top
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
006eeb878afe8a8410219843d0fca315b646659fa936d8600126638237cd0eae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"16c45-7591Gh/auDVwHP0D/4WedHHETI0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
aIItkdV2ZBqcpI5fP-XOY7puvzLJ3kCKJZqo66yxh8gVRZI8ysrvfA==
15.css
www.thestar.com/static/ 		257 B
695 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/15.css?v=77f92dd85f139b4be241
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=7c973773
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
fe61d7c581a900910fce48ac57c1fa550d65f7efb86634c792b163c9c1d34b5f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Wed, 19 Oct 2022 14:46:53 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"101-183f0b62748"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
accept-ranges
bytes
content-length
257
x-amz-cf-id
ZoLyuQyPjUONDVSZlOdqF7uy90fbJEP4O5KOHKSXZEp5gy-cBMDBgw==
RightRailAds-RightRailAds.chunk.js
www.thestar.com/static/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/RightRailAds-RightRailAds.chunk.js?v=ef8e2490
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=7c973773
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
30fff6666a0496c6190896f9989c8a4d77eed8d1e8f0255b379285c6af8c381c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Wed, 19 Oct 2022 14:46:53 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"13eb-183f0b62748"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=300
x-amz-cf-id
99WerGst29a39rzRfBib8jgu9MMwzhmNmGOFcU6whVE5IsPGongv1w==
embedcode.php
embed.sendtonews.com/player2/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player2/embedcode.php?fk=uxXdqAB3&cid=4204
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=7c973773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.240.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-240-154.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d8c392f8bc86d949f9eb29f44503d225b3914fde5d46fd43f8369af0f0e41295

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3101
expires
Sat, 29 Oct 2022 03:41:23 GMT
model
query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/model
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
9f42e33ec22e0abf3ac5956ce22adf9a5340ce0f46b350ce33b9c5b8ab8e3c6a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
indicator-icon.svg
www.thestar.com/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/img/indicator-icon.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2617d2028b90eff31a57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
a88716b2e48961b771017aef83ad9bdacb13a354dc0b09c62b880e7a2f72d9c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2617d2028b90eff31a57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:40:13 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
3670
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Wed, 19 Oct 2022 14:40:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"664-183f0b01880"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
zHmNTxE_H6M7_-09BPPDpG9CtmLYF61rhjqMYO3Y5_5OZ8726QfeAA==
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
958424403f117961c3f1a59e83d24953eb19e7c994b4517989ee100b0ae53c7f

Request headers

Referer
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
mdc.textfield.min.js
e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 22 May 2022 00:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
age
13831321
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
11561
x-xss-protection
1; mode=block
last-modified
Sat, 21 May 2022 00:39:22 GMT
server
-
etag
6255d33f94b82e67e60ed3d71ba26fe3
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
WqdncBBm3NcP04EXQPd784S9NmYI73HJNaUSYJrQWFzTrJq6wxsgTw==
expires
Mon, 22 May 2023 00:39:22 GMT
user_agent.min.js
e377.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/user_agent.min.js
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 23:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
age
3641792
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
1274
x-xss-protection
1; mode=block
last-modified
Thu, 15 Sep 2022 23:04:51 GMT
server
-
etag
333f52c72fdc4072c6c7950dab8f54f4
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
T432evsPNyji5TSKaoyFqRAGUemdm07S76u68pt7gFZ-2jwFMZ--Nw==
expires
Sat, 16 Sep 2023 23:04:51 GMT
194bdde84046a513f6c8e3d8b5514fd0
e377.thestar.com/plugin/library/ 		271 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/plugin/library/194bdde84046a513f6c8e3d8b5514fd0
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
a0c908578614e6d1e6b54080436d42d84645bb8117d4c1475a9cd76864d7a2e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
age
3132797
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
88333
x-xss-protection
1; mode=block
last-modified
Wed, 21 Sep 2022 20:28:06 GMT
server
-
etag
194bdde84046a513f6c8e3d8b5514fd0
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
hz886XfTwJGEsUNumWTgweA5N2AP_Jy6IonTTKDKM546SqcyqlJeOg==
expires
Fri, 22 Sep 2023 20:28:06 GMT
LB-Zone-3
e377.thestar.com/DG/DEFAULT/rest/rpc/513/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513/LB-Zone-3?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=&bctempid=ceee2f53-c349-4974-ba57-3002e5aee1d8&overruleReferrer=&time=2022-10-29T02%3A41%3A23%2B00%3A00&ts=1667011283192
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
c5e4850c25ebf482fe92bca0d7d6fe1b42438a2656c275d7ff918596c9da6072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1074
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
shZe2LTyVi8Y1ThMYvc5_4MIJeFqzRyQVusnJcDf7J72K7Woo3vnXw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 8E3A 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wymmgN6j1RTv3hS9xJkBbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-wymmgN6j1RTv3hS9xJkBbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 8E3A 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:18:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 03:13:31 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI... Frame 8E3A 		171 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a0e6c21a566da04d19820a70949adcafb29a24e5141a31e45ae2b2c06c6237b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61621
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 02:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Oct 2023 13:44:24 GMT
dest5.html
torontostarnewspaperslimited.demdex.net/ Frame 1A52 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.34.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-34-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v045-0df7a788e.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BOwNHbfdTkI=
content-encoding
gzip
date
Sat, 29 Oct 2022 02:41:23 GMT
last-modified
Fri, 28 Oct 2022 11:26:52 GMT
transfer-encoding
chunked
vary
accept-encoding
id
s.thestar.com/ 		48 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thestar.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=14271039062271633833099355754704736494&ts=1667011283213
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
13ebfd27d75ec6761b816d26d30071388b64fec1207a5f7ef8f1867f7312fa5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.thestar.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y1yS0wAAAIj0ZAN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=14240018064253447653102446654314007268
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1yS0wAAAIj0ZAN-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1yS0wAAAIj0ZAN-
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Server
34.251.246.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-246-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-008327e36.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
89NWvQHNSeM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1yS0wAAAIj0ZAN-
Date
Sat, 29 Oct 2022 02:41:23 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
entitlements
news.google.com/swg/_/api/v1/publication/thestar.com/ 		2 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/thestar.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		175 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cbd3b236787e600b9480b9eecee4c67c339fd4654e31b82188fcbe148ac3a381

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:23 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&pid=nGj1jzUNjcFZi&cb=0&ws=1600x1200&v=22.1021.827&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-business-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-5%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-6%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-7%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-8%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
3H2S4PEBS6J9P9SBVH71
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
jF8ZsR_CHBExtW8lBKgjaeAoxzDk_PBhzvFvJnj-9BFIBtjQPcsa5g==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8E3A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463058&publicationId=thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 11:18:05 GMT
x-content-type-options
nosniff
age
314598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Oct 2023 11:18:05 GMT
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.P52JNswfLhs.L.B1... Frame 8E3A 		135 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.P52JNswfLhs.L.B1.O/am=zgAAAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6KTIon6pLMcL32IGETnviwYqh5fw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bafd6b3ada6883c7da71cb836a0e944b47338da0f52e9f5a65c5a16f533175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46289
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 02:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:31:31 GMT
config
push.kumulos.com/v1/web/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/web/config
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1885092395a50d1321421909b401618d05c62f43c4a25a17424c6e92dc9c281f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubdomains;
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-max-age
36000
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
config
push.kumulos.com/v1/web/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/web/config
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
GET,HEAD
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:23 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.P52JNswfLhs.L.B1... Frame 8E3A 		1 KB
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.P52JNswfLhs.L.B1.O/am=zgAAAQ/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6KTIon6pLMcL32IGETnviwYqh5fw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e32ebe58a8095b5b11fd98d378d052061b1ea557e791b24b9f1dc2a9a96bcb8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
711
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 02:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:31:31 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 8E3A 		569 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-328768853697300142&bl=boq_subscribewithgoogleclientserver_20221026.07_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=9684&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00c28990c4d03144ce3d62ebe1820cfedadb8abbb9e62ba7ca1becebd2a5caa3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.P52JNswfLhs.L.B1... Frame 8E3A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.P52JNswfLhs.L.B1.O/am=zgAAAQ/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6KTIon6pLMcL32IGETnviwYqh5fw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9d7befd25aed6e8003d9de5f1447fd051a4d2ef5bed881de45bbc3cefaf606e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7225
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 02:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:31:31 GMT
events
events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/events
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=15552000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
access-control-max-age
36000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
events
events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
POST
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:23 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
images
www.thestar.com/api/liftigniter/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/liftigniter/images
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
8b57f50c73ddd7561d0668290fc9de2b254ec27383509c8bb7dc8469dfcee63a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"2336-8D4Kmj6zVHn/YqlL1sTvTg/zonk"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
yeMyejqENH5F2Cxuo8Ca__YulhTaVXZYdsaK-kjVf2PaeKLjskrc5Q==
log
play.google.com/ Frame 8E3A 		131 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 02:41:23 GMT
/
p1.parsely.com/plogger/ 		43 B
259 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p1.parsely.com/plogger/?rand=1667011283420&plid=53943338&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&sref=&sts=1667011282243&slts=0&date=Sat+Oct+29+2022+02%3A41%3A23+GMT%2B0000+(GMT)&action=heartbeat&inc=1&tt=1101&u=pid%3Dbcb50f867aa8641611f79c6c4bde31ee
Requested by
Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/thestar.com/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:23 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 29-Oct-2022 02:41:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ruleenginedata
www.thestar.com/api/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/ruleenginedata
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:39:37 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
age
106
x-powered-by
Express
etag
W/"2c58-On6xrYp0/du6eGARnnYHeUEyBMw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
x-amz-cf-id
Ik88yXvYU0hgAZCf9EyRI_KRBsqs8Qjxe9xdJOYp8f4JlLltTAKw8w==
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1667011283425&plid=53943338&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22heartbeat%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A5030%2C%22_trustBar%22%3A2434%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&sref=&sts=1667011282243&slts=0&title=Toys+%E2%80%98R%E2%80%99+Us+reportedly+in+talks+to+sell+Asian+business+%7C+The+Star&date=Sat+Oct+29+2022+02%3A41%3A23+GMT%2B0000+(GMT)&action=_scroll&u=pid%3Dbcb50f867aa8641611f79c6c4bde31ee
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:23 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 29-Oct-2022 02:41:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1667011283427&plid=53943338&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A5030%2C%22_trustBar%22%3A2434%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&sref=&sts=1667011282243&slts=0&title=Toys+%E2%80%98R%E2%80%99+Us+reportedly+in+talks+to+sell+Asian+business+%7C+The+Star&date=Sat+Oct+29+2022+02%3A41%3A23+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=78193674&u=pid%3Dbcb50f867aa8641611f79c6c4bde31ee
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:23 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 29-Oct-2022 02:41:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
restaurantblaze_14.jpg
images.thestar.com/zP9wiq6UL3MskEBL-NCFUHKywvU=/1200x955/smart/filters:cb(1666900639526):format(webp)/https://www.thestar.com/content/dam/thepeterboroughexaminer/business/2022/10/27/indian-peacock-... 		199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/zP9wiq6UL3MskEBL-NCFUHKywvU=/1200x955/smart/filters:cb(1666900639526):format(webp)/https://www.thestar.com/content/dam/thepeterboroughexaminer/business/2022/10/27/indian-peacock-a-haven-for-indian-students-in-peterborough/restaurantblaze_14.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7032061102d3cf3346fd0d274eebfebb9dff0b455b1482f2e46876cd697b3b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 00:29:29 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
94314
etag
"3912ad0781017c1ffdea66fb12a82980c7450f87"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
203894
x-amz-cf-id
U3yJG40qb4l1rCKw9NwaIlOT6trD-oF57pto4aF5a7VGP1Lal4KzVg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sunwing.jpg
images.thestar.com/Szcg8Dyy3BKrQ-MqAN2ozZG398U=/1200x712/smart/filters:cb(1666917654353):format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/10/27/competition-bureau-flags-concer... 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/Szcg8Dyy3BKrQ-MqAN2ozZG398U=/1200x712/smart/filters:cb(1666917654353):format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/10/27/competition-bureau-flags-concerns-over-vacation-packages-with-westjet-sunwing-deal/sunwing.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
576dcb8b29d526aa67d004a12d9c59284c285b63f27a5fc3c208208630030dc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 01:17:02 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
91461
etag
"dee47138164557301e76236fe1eb13832393c623"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
82312
x-amz-cf-id
iI_t3DrzOjgO_-txulssBaw3u2AFmhtME4mrGkvK5d3JFL2u5NcKlg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
20221027091036-6c4f931a6195fe6efde471aeaa189459a9314698d050e98bc652b78716b668f3.jpg
images.thestar.com/R_PTOMikoKdxzZZmR7WY7zOAsfI=/1280x1024/smart/filters:cb(1666881155454):format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/10/27/small-business-confidence-plum... 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/R_PTOMikoKdxzZZmR7WY7zOAsfI=/1280x1024/smart/filters:cb(1666881155454):format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/10/27/small-business-confidence-plummets-amid-high-debt-climbing-interest-rates-cfib/20221027091036-6c4f931a6195fe6efde471aeaa189459a9314698d050e98bc652b78716b668f3.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0656c4e86179f368ffb0cf806021ef1869e2a97ed3d1321a25abe0a88aa8d8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:18 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
5
etag
"b14e8f913f6015f787639647a643ecf45a41440a"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
110080
x-amz-cf-id
svnqCS0ZgFChJDpW0vsCRlnp9Hjt3tQjq4eRYfOJsNTrSfZO3JeOlw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
20221027091044-af31ad3940d09521fe4e24c7c53dea1466cf00d8f843aca13b6dd8c2f25fc334.jpg
images.thestar.com/jwE_AcxFuC-JhHdMaGUFL3PhCwo=/1280x1024/smart/filters:cb(1666886855521):format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/advice/2022/10/27/sustai... 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/jwE_AcxFuC-JhHdMaGUFL3PhCwo=/1280x1024/smart/filters:cb(1666886855521):format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/advice/2022/10/27/sustainable-investing-loses-some-shine-but-proponents-say-still-good-long-term-bet/20221027091044-af31ad3940d09521fe4e24c7c53dea1466cf00d8f843aca13b6dd8c2f25fc334.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
129e60ab862f0c31b7abe04765ff4136c37f8de008d4d1ac9b127b9c665992b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:20 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
3
etag
"398336aae50135844eb51bc662e71b150ef83465"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
158128
x-amz-cf-id
jOh7CfLrSmZeBdplhJifUfs1Yld3viFuNGWaGGEGtiMZel7rshZNeQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
thestar-ribbon.png
images.parsely.com/4LfbGgdsYjSAERd1Ize15GYTqVE=/85x85/smart/https%3A//www.thestar.com/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.parsely.com/4LfbGgdsYjSAERd1Ize15GYTqVE=/85x85/smart/https%3A//www.thestar.com/assets/img/thestar-ribbon.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.177.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-177-146.compute-1.amazonaws.com
Software
nginx /
Resource Hash
365e95ef61d9bc80df89e7c6cc83618223cd064b9607dded49f758c7aad556a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
"df2ff76125152234c27ddd8bad90e30363498ddd"
content-type
image/png
cache-control
max-age=86400,public
content-length
3085
expires
Sat, 29 Oct 2022 18:44:27 GMT
log
play.google.com/ Frame 8E3A 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 02:41:23 GMT
log
play.google.com/ Frame 8E3A 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 02:41:23 GMT
log
play.google.com/ Frame 8E3A 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4Ite_XDsIX0.es5.O/am=zgAAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5FIQZ2HGFHZy4-2NuhFKw0DVNL2Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 02:41:23 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20221028/ 		666 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.240.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-240-154.compute-1.amazonaws.com
Software
Apache /
Resource Hash
87756355c9c06dbff07ca70a57a7d5c7b1764ba03b62d445e5a4e549971359e7

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
last-modified
Fri, 28 Oct 2022 19:38:51 GMT
server
Apache
etag
"a6913-5ec1d684348c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Sat, 29 Oct 2022 03:41:23 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		175 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
26398ab3ded79ac994fe64b7e76669a5ce986d00c23b86808fb59ed826c4e48c

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:23 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:23 GMT
expires
Sat, 29 Oct 2022 02:41:23 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:23 GMT
expires
Sat, 29 Oct 2022 02:41:23 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:23 GMT
expires
Sat, 29 Oct 2022 02:41:23 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A23%2B00%3A00&ts=1667011283604
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
476417c2fc7c2314165b262cf3a6fa1558674940c56f61e6681da8ccc7d75459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2439
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
KcPEZNmln9yC-vbarXeEwB7GWxOU2R0ts_LlgQjc13EefLHHZPojRQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		181 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A23%2B00%3A00&ts=1667011283606
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
ed5545fe3ebe0e3a9956d708e8546fc9d6e8b6e3bc8fdc23c9f740bcbebf82eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
171
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
vS-oUJIZpkPCI4l4_gkfc6BwevM3wDo5mJqP9iPRPP-m4AFWtflXew==
expires
Thu, 01 Jan 1970 00:00:00 GMT
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		562 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A23%2B00%3A00&ts=1667011283618
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
92262a651902ccf476136e64d9fe365d8c50be8bcd8aaac3407df96bcb2482e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
161
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
4M53dicW6FYr7dsigwroBE6yfQxNFOcrblKV8_zYwzCa4iumLmd1gw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/plugin/plugin/c27c1f0a8bdf4182bf83cc2f2e72122c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Oct 2022 02:41:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
tBrlTTKmSFqEcJzAHajt+/H1L5xQo9QZL7It/dydeXnjQjSIva+zID0tFlAo+yZW4gKk6Glgyjiw/uRdIx+SBw==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		369 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A23%2B00%3A00&ts=1667011283632
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
0ce4a369ba1ff851aeb0f37b0cbc52f2773d24c73b10133fb2b2d0c3d6fc245d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
175
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
2Zdv-UFZLy9cTGV9epk5Na-4W_1WG4Koz4yTgucnATCHBjPCe4DXXA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/__activity.gif?e=conversion_shown&ct=Toys+%E2%80%98R%E2%80%99+Us+reportedly+in+talks+to+sell+Asian+business&ccu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tspl=3046&blst=1090&ist=1487&iet=1496&bdst=1090&bdet=1244&bcttt=19&jsfv=nbc&ts=1667011283610&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&uid=9da61d4c-a9ad-4539-ab67-8b7e271ce311&sid=e6963907-bb83-40e5-8e2a-ba342232a327&pvid=4bd23b6f-5014-4285-d1dd-baa1425459a5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F107.0.5304.87+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q222_OutlinedSale&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:23 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/__activity.gif?e=conversion_shown&ct=Toys+%E2%80%98R%E2%80%99+Us+reportedly+in+talks+to+sell+Asian+business&ccu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tspl=3052&blst=1090&ist=1487&iet=1496&bdst=1090&bdet=1244&bcttt=20&jsfv=nbc&ts=1667011283615&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&uid=9da61d4c-a9ad-4539-ab67-8b7e271ce311&sid=e6963907-bb83-40e5-8e2a-ba342232a327&pvid=4bd23b6f-5014-4285-d1dd-baa1425459a5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F107.0.5304.87+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q122_Sale&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:23 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A23%2B00%3A00&ts=1667011283634
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
8091ae86774f3b97e248df989c02290d7028ac493630a97ad509e61abd5f6eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
H5WtDoAlANCKvVHAv1Q7pKNQZBbyOz-cvadVRA0iK0KPnOJ-GzfZAA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
torstar.blueconic.net/DG/DEFAULT/ 		66 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&&callback=bc_json515
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.55.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-55-37.compute-1.amazonaws.com
Software
- /
Resource Hash
64a63d7b1f8accdb07e04ec95f4cd972f6226e2911b66e8f906802cc1541dd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&pid=nGj1jzUNjcFZi&cb=1&ws=1600x1200&v=22.1021.827&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-business-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-5%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-6%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-7%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-8%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-9%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-business-10%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fbusiness%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
GYNW6CTDED4MCA3HD60A
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
0iGOmEMATf8v64o7R1ApaA8HLYjd1TWPswHud_EnAMPu0pEcxFJs5A==
14271039062271633833099355754704736494
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 		51 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.thestar.com/users/data/anonymous/sitename/thestar/id/14271039062271633833099355754704736494
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-106.fra2.r.cloudfront.net
Software
/
Resource Hash
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-api-key
b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-trace-id
Root=1-635c92d4-6f3d792f1c431df97d8a3a58;Sampled=0
x-amzn-requestid
45363814-6c3e-45bd-8903-6177e3f72aaa
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
avvhNG7RIAMFgoA=
content-length
51
x-amz-cf-id
ekh-Pi_UW5exjmJsML_A2pSAsoS01KG7GmnC6Y2eyqfCcOHpTYWuRA==
channels
push.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/ 		37 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/channels
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c966bc52e11f4f40bc97f691c1a720a8e0b3a0ad0942f89d3cd22ef7e7d0dbf0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubdomains;
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-max-age
36000
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
barryhoneyexercising.jpg
images.thestar.com/ESFreZtUy9sV31Tcu0ZOJnFid2s=/0x0:1013x675/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/27/detectives-in-barry-and-honey-sher... 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/ESFreZtUy9sV31Tcu0ZOJnFid2s=/0x0:1013x675/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/27/detectives-in-barry-and-honey-sherman-case-never-checked-pearson-airport-cameras-in-hunt-for-killers/barryhoneyexercising.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4946a7745ca266b91b98ad23d01ac326bcf650d7e7cf8eef0987131218cace10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:17:35 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
12228
etag
"e71561056a181d5c194fd248c26248bb03431627"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
2440
x-amz-cf-id
1K1gyg3UPXkyHJTZcLv5WVjSMHgfWa1T-bLPgyCzouodc4Wm4ThlZw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
stefanson.jpg
images.thestar.com/PHYPvphU-Ypzp4JpCQZeijXXrjk=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/28/that-sounds-like-a-threat-premiers-group-respon... 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/PHYPvphU-Ypzp4JpCQZeijXXrjk=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/28/that-sounds-like-a-threat-premiers-group-responds-to-report-ottawa-could-freeze-some-provinces-out-of-health-funding-deals/stefanson.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f886b46849a7acb07f0e9e309160afad90d3e743fdfb91b24bf4e0b7f2c969cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:17:58 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
12205
etag
"31f5751309453ede212d257b11edd2b273750019"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
5742
x-amz-cf-id
B4SiunvKiX5J6IcIStD1_JPZ2f2bK_CHCMR-qXjrvxjODBOcx7B2Gg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_main.jpg
images.thestar.com/UywjenwcDuRQ1m5-jWxsgVYWxB0=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/2022/10/28/paul-pelosi-beating-suspect-grew-up-in-bc-sister... 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/UywjenwcDuRQ1m5-jWxsgVYWxB0=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/2022/10/28/paul-pelosi-beating-suspect-grew-up-in-bc-sister-says-shes-deeply-saddened-by-attack/_main.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
777fcbfbc63735a8bdd6767d61825d7f1434a307fbe198c9d36df00e135330f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:51:02 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
10221
etag
"600b7ef09ecee3c0e72b6f7d29805823b7120727"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
3498
x-amz-cf-id
BOVBlY2GJ9Q6caoj851bldCfzfU2nFr7Gj-mzW5IgKHWVS0mE1MgZg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_1rachel_muir.jpg
images.thestar.com/qsmbPXvREt5zAdx0rjIZR8s9vWY=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/28/data-reveals-ontarios-rising-hospi... 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/qsmbPXvREt5zAdx0rjIZR8s9vWY=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/28/data-reveals-ontarios-rising-hospital-staff-turnover-and-vacancy-rates-and-theyre-only-getting-worse/_1rachel_muir.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0d1fde69ce84150f72b685ed05424b02f816f70972cba111c261ebc8f810201b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:28:14 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
54789
etag
"6e89dbac96f2480beca8ebf0462c5fac3917b368"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
3438
x-amz-cf-id
tjw9jlE2QkP-JX7aJr85eUyLF_y1i3UikPi_0LJdkSpT-ie7pUYoHQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
courthouse.jpg
images.thestar.com/uSaS5E6V88KfSCGw_6UBdlXRSJ0=/0x0:1134x756/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/10/28/woman-sentenced-to-18-years-for-tortu... 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/uSaS5E6V88KfSCGw_6UBdlXRSJ0=/0x0:1134x756/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/10/28/woman-sentenced-to-18-years-for-torture-of-two-stepsons-who-were-hung-upside-down-from-ceiling-in-toronto-basement/courthouse.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
efbe55218f8ee658d6070708983f4f79bdae8dac24d058c2557cb806774a3c3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:00:08 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
9674
etag
"f450210e6fbd89908dd67df7fcbf8fb33e72a904"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
4180
x-amz-cf-id
mPsTEQrX-H2oHwdwlwjTick17zyNCu123zMmN6abvdhC-ViJQYUhRQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
images
www.thestar.com/api/liftigniter/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/liftigniter/images
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4e1a8a022dbe001d4ee48cdef236a39f36b948116a0bf0ce58885595a21da282
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"20c0-zgITXWlO7I4kNLnmdYDcnIDryV0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
Jq_BTOLuuEhr2GXHUcmVgoMPrHwQW7WBevFxLFZ3hpUeVF95xlQFvg==
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		434 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A23%2B00%3A00&ts=1667011283717
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
9c56f990629a1da174cfc03f36c92ddd58961ddb00f1de3b07ba1913f73a6e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
259
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
w33chhqiDL74eva2ejL3-hPSzqYD07vVxmyzJhEDpTlwWIgS8JIDmg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
12f54dc02af406e60f482b94ac9a806b4596097073e3afbe876456f4939408b6

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
14271039062271633833099355754704736494
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.thestar.com/users/data/anonymous/sitename/thestar/id/14271039062271633833099355754704736494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-106.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 29 Oct 2022 02:41:24 GMT
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-apigw-id
avvhKHXeIAMFjPg=
x-amz-cf-id
gQUs6UBmLi6tb1wyBDQJUpWYmP7bWJLHZXr4rFlbsYu6WJkat_MsDQ==
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
b1e4783b-d435-44d6-9599-3ad751cf7ac2
x-cache
Miss from cloudfront
channels
push.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/app-installs/1653a046-ef75-4bf4-9f1b-7354c9c7818f/channels
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
GET,HEAD
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:23 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=907668147450411&correlator=2658382998483719&eid=31069353&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=58580620%2Cthestar.com%2Cbusiness&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=1&adks=1856679161&sfv=1-0-38&prev_scp=pos%3D1%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=permutive%3D%26gs_channels%3Dgs_shopping_misc%252Cgs_shopping%252Cts_rtl_bby_chldrn_gnrl%252Cts_rtl_bby_chldrn_ty%252Cgs_business%252Cgs_family_children%252Cts_bz_bnk_fin_bnkrptcy%252Cts_bz_bnk_fin_gnrl%252Cgs_business_misc%252Cgs_family%252Cgv_safe%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26tkspo%3D5%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26author%3Dvinicychanmatttownsend%252C%2520jonathanbrowning%26assetid%3D538d6702-a101-4d8f-800e-a3977520290c%26kvng%3Dtoys_r_us%252Cretail%252Cbankruptcy%252Casia%252Csell%26kvcalais%3Dfung_group%252Cbain_company%252Cfinance%252Cmitt_romney%252Cbain_capital%252Ckohlberg_kravis_roberts%252Cvornado_realty_trust%252Ceconomy_of_the_united_states%252Cinvestment%252Cus_asia%26key%3D%2520%26article_b%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1667011283793&lmt=1667011283&dlt=1667011281055&idt=1119&adxs=1050&adys=1400&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=24496825.1667011282&ga_sid=1667011284&ga_hid=1737921555&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9761f3609acf182f7b0df58bc02e9f631161a1555e830d9b8b8afbaafeec889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10129
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B69 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:23 GMT
expires
Sun, 29 Oct 2023 02:41:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		548 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=907668147450411&correlator=2658382998483719&eid=31069353&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=58580620%2Cthestar.com%2Cbusiness&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=2993204809&sfv=1-0-38&prev_scp=pos%3D1%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=permutive%3D%26gs_channels%3Dgs_shopping_misc%252Cgs_shopping%252Cts_rtl_bby_chldrn_gnrl%252Cts_rtl_bby_chldrn_ty%252Cgs_business%252Cgs_family_children%252Cts_bz_bnk_fin_bnkrptcy%252Cts_bz_bnk_fin_gnrl%252Cgs_business_misc%252Cgs_family%252Cgv_safe%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26tkspo%3D5%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26author%3Dvinicychanmatttownsend%252C%2520jonathanbrowning%26assetid%3D538d6702-a101-4d8f-800e-a3977520290c%26kvng%3Dtoys_r_us%252Cretail%252Cbankruptcy%252Casia%252Csell%26kvcalais%3Dfung_group%252Cbain_company%252Cfinance%252Cmitt_romney%252Cbain_capital%252Ckohlberg_kravis_roberts%252Cvornado_realty_trust%252Ceconomy_of_the_united_states%252Cinvestment%252Cus_asia%26key%3D%2520%26article_b%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1667011283805&lmt=1667011283&dlt=1667011281055&idt=1119&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&frm=20&vis=1&psz=1600x0&msz=1x-1&fws=0&ohw=0&ga_vid=24496825.1667011282&ga_sid=1667011284&ga_hid=1737921555&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8accd7807108b834c2cecc91c6255b458aead6eddf3a4fe7566dd356df0b97a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		548 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=907668147450411&correlator=2658382998483719&eid=31069353&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=58580620%2Cthestar.com%2Cbusiness&enc_prev_ius=0%2F1%2F2&prev_iu_szs=2x1&ifi=3&adks=1622853328&sfv=1-0-38&prev_scp=pos%3D1%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=permutive%3D%26gs_channels%3Dgs_shopping_misc%252Cgs_shopping%252Cts_rtl_bby_chldrn_gnrl%252Cts_rtl_bby_chldrn_ty%252Cgs_business%252Cgs_family_children%252Cts_bz_bnk_fin_bnkrptcy%252Cts_bz_bnk_fin_gnrl%252Cgs_business_misc%252Cgs_family%252Cgv_safe%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26tkspo%3D5%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26author%3Dvinicychanmatttownsend%252C%2520jonathanbrowning%26assetid%3D538d6702-a101-4d8f-800e-a3977520290c%26kvng%3Dtoys_r_us%252Cretail%252Cbankruptcy%252Casia%252Csell%26kvcalais%3Dfung_group%252Cbain_company%252Cfinance%252Cmitt_romney%252Cbain_capital%252Ckohlberg_kravis_roberts%252Cvornado_realty_trust%252Ceconomy_of_the_united_states%252Cinvestment%252Cus_asia%26key%3D%2520%26article_b%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1667011283809&lmt=1667011283&dlt=1667011281055&idt=1119&adxs=1036&adys=1354&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&frm=20&vis=1&psz=328x1&msz=328x1&fws=0&ohw=0&ga_vid=24496825.1667011282&ga_sid=1667011284&ga_hid=1737921555&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76714a895f3d56d8cb782e514f0c835c5a589c2d26ca226981a15a8ff4fb7a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=907668147450411&correlator=2658382998483719&eid=31069353&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fif&iu_parts=58580620%2Cthestar.com%2Cbusiness&enc_prev_ius=0%2F1%2F2&prev_iu_szs=728x90&ifi=4&adks=2804206232&sfv=1-0-38&prev_scp=pos%3D1%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=permutive%3D%26gs_channels%3Dgs_shopping_misc%252Cgs_shopping%252Cts_rtl_bby_chldrn_gnrl%252Cts_rtl_bby_chldrn_ty%252Cgs_business%252Cgs_family_children%252Cts_bz_bnk_fin_bnkrptcy%252Cts_bz_bnk_fin_gnrl%252Cgs_business_misc%252Cgs_family%252Cgv_safe%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26tkspo%3D5%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26author%3Dvinicychanmatttownsend%252C%2520jonathanbrowning%26assetid%3D538d6702-a101-4d8f-800e-a3977520290c%26kvng%3Dtoys_r_us%252Cretail%252Cbankruptcy%252Casia%252Csell%26kvcalais%3Dfung_group%252Cbain_company%252Cfinance%252Cmitt_romney%252Cbain_capital%252Ckohlberg_kravis_roberts%252Cvornado_realty_trust%252Ceconomy_of_the_united_states%252Cinvestment%252Cus_asia%26key%3D%2520%26article_b%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1667011283814&lmt=1667011283&dlt=1667011281055&idt=1119&adxs=436&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&frm=20&vis=1&psz=1600x90&msz=1600x90&fws=0&ohw=0&ga_vid=24496825.1667011282&ga_sid=1667011284&ga_hid=1737921555&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
979f096020a491482bbf7f3f772dc9d7836f16b1e01429bd1cde09a5d9229586
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_dtfu0hPsCFVyHgwcddFwH_A&gqi=&layout=/sadbundle/%24csp%253Der3%24/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_dtfu0hPsCFVyHgwcddFwH_A&gqi=&layout=/sadbundle/%24csp%253Der3%24/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
date
Sat, 29 Oct 2022 02:41:24 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43030
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
engagefront.theweathernetwork.com/x/ 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engagefront.theweathernetwork.com/x/b?data=%7B%22advertiser_org_id%22%3A%2261731269aabe2aa0d6cf5785%22%2C%22event_name%22%3A%2249695385_45a9_4217_b0c5_58934bb70a35%22%2C%22subevent%22%3A%2278386%2C79131%22%7D
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.23.120.34.bc.googleusercontent.com
Software
TornadoServer/4.2 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
via
1.1 google
server
TornadoServer/4.2
etag
"d5fceb6532643d0d84ffe09c40c481ecdf59e15a"
p3p
policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type
image/gif
cache-control
max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Sat, 29 Oct 2022 02:41:23 GMT
549886031832745
connect.facebook.net/signals/config/ 		482 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/549886031832745?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
32489124c2ef6322d3bb70fce9bf0f839bc58a0466072a6334b939a10aa7b0a9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Oct 2022 02:41:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145577
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KDtYvISLb4HZFp9r2G6SOgHxxY9QsNxPk75SwDGGRYhZXe/0GQyEXKOzu4z1cAgoE/WzAJhgQTROHQQhvjBKPg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
8qw1O07j6b6k8JuM0EW1cp3eJ25k2UoMyEnMkLNN.png
media-cdn-eu-central-1.app.delivery/80B6An01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn-eu-central-1.app.delivery/80B6An01/8qw1O07j6b6k8JuM0EW1cp3eJ25k2UoMyEnMkLNN.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4a16b2963bc88cc2246193aa113872387b39b796b9cf4a9a1e0b4d02f87814fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 30 Jun 2022 17:43:37 GMT
x-amz-request-id
tx000000000000116e11f90-00635c851e-5c96400f-fra1b
etag
"59ba2e95193f7c9d577e520e6962080f"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1667011283.dop243.lo4.t,1667011283.cds083.lo4.hn,1667011283.cds222.lo4.c
content-type
image/png
cache-control
max-age=92
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
17369
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		181 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A24%2B00%3A00&ts=1667011284000
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
422f48fa9ad1a83aa448ef95294651506f8f748d1d107f8ce30921f1f6db4126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ETIIFXYS5_3Xs05wAVqLRsnv2YhBtM4L6kn1lcCp6lRZHNJ0X_Xsjw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		181 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A24%2B00%3A00&ts=1667011284010
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
aa469f55d27629220ae49c3ac0f34fd90e2cd4ea8ddfc5b334273d2396cfd049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
E427I_j5l0IQZbMZbQ0Yx91YB48JSVMnsVPyJcuExl0WojjiZ6Q65w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		181 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A24%2B00%3A00&ts=1667011284014
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
c8832885dd9e9e1d5594dd7818f699d89e51eaa6c010bfc7a0af647ae07831f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
jvO05Oh4BV6MpgackOsHemDiJajj7NgtnxOAlqmyW2w3puIOvtwHAw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
images
www.thestar.com/api/liftigniter/ 		3 KB
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/liftigniter/images
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
70cb2143d9e036cdcd3c92e47fc97f4908841213e55fcb327f3c3012558090eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"a23-+wyRTNSL9J0DL3zlSSuZKkHdKS4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
ZynNseFkkCskfCugoFo4hKEYbUPw-LHHqRUkS2a4_lGbViwNoVkcJg==
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A24%2B00%3A00&ts=1667011284090
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
54ff48664abbfa772f64464a61503da8f883d1693a5aa12b03a42f501b3bd50f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2686
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
v9Gp-l5UhmSJGuyNbeN9NzuMTspeLt9nG3xZXOZQ-0SbgXjIe9Z53w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 29 Oct 2022 02:31:11 GMT
server
cloudflare
age
578
etag
W/"7630eb-9a4f-5ec232aef5c51"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
76188d4ecf169a2f-FRA
expires
Sat, 29 Oct 2022 06:41:24 GMT
css
fonts.googleapis.com/ 		3 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 02:37:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Oct 2022 02:41:24 GMT
icon
fonts.googleapis.com/ 		569 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 02:41:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Oct 2022 02:41:24 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
21646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwZmT4H4YMePoaO6RoNHEG1UT9Al5LrVxlAgF6UPgFKr2RAJouQOMR6%2FyqpSJANSittxv7Go6Q5dX8f94nnzesvEMi7m6%2FZnVOlI5lwMH6B0qUbChjJ%2B5hDnS3W52GKz%2BDd3hoSD0wzyKFaI41Wt2uun"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76188d4f4f329bc2-FRA
expires
Thu, 19 Oct 2023 02:41:24 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame D6F9 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7895436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr6lq5C9WJFwC8D7h1YIut75VDuGc1DhU8BQijBB%2B9ZejgfQ1e5SDpt39PTZvOkMigbqjLgzStUC19p9lcfkt4HakUHUjLc8XWcu95095Jm21NpZzIdbZciue1rsv%2FCPA2tP5A4mkEJXCyaGUJFwvlvA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76188d4f4f339bc2-FRA
expires
Thu, 19 Oct 2023 02:41:24 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame D6F9 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
YjQ1hG5MqCnbmd5hr-60UD38RLmWJ581MYs_6iFJalalo7MM7n8Bag==
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=84
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5e00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame D6F9 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:08:27 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
27178
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
0a3_sykmQnDBvQoFHP6tTFAZ70rrWIhL3-LBDd8W55JanOXg9_fzKw==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		369 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daec2c5ac8175cc3c9743f4342b44071d271452ca4d548d57c069cc46bf8cbec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126562
x-xss-protection
0
expires
Sat, 29 Oct 2022 02:41:24 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:17:38 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
55427
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
Kruo-TukkrWXtEZK3SM6OeipAeB-ts008gP9_ImygAljY9E85wXMPw==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:18:10 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
55427
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
HbPI6JE26xT4wUj488jd3Eo56UzIQoovR9HreLfQf2MDEbsuIvkykQ==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:02:14 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
49151
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
t6Tt5EGuNHe1X7_Rsh0-CMzzUlq64ltGSYwSepR4M_04Z6_XWWLdog==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:17:38 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
55426
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
CS0q9vWSYQKoUR6WCq8I4pOAF6a1zP9xNkWooYcXRJrLUeJfm_OmCQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=236292&version=7.10.0&age=221029&cmd=PRE_INIT&key=uxXdqAB3&seq=1&order=1&absoluteTime=3743.1&relativeTime=0.3&canonical=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		34 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=cVDqsFWsj91ZVJwz&instance=236292&version=7.10.0&age=221029&ESG_key=uxXdqAB3&type=FULL&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.240.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-240-154.compute-1.amazonaws.com
Software
Apache /
Resource Hash
de81d73ff3e832a8a085cfa2ed7ab92170cb2fde25cc4f5eacbdb95ffe57813a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
6316
expires
Sat, 29 Oct 2022 02:41:25 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame D6F9 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:39:35 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 19:24:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
110
x-amz-server-side-encryption
AES256
etag
W/"95738dd931cd70a132d12a456f44b79f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
zr0NtcfS54HPCLKy5zyYdC0FjZOd5YFzhjrGAbglrL3iNLFXZp4uTA==
container.html
92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6314 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:23 GMT
expires
Sun, 29 Oct 2023 02:41:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ca3fb7dccdcc10b583431c703833c2616288b6bffa58adc61b35c688163c9b47

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 28 Nov 2022 02:41:24 GMT
identity
api.rlcdn.com/api/ 		44 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
id.sv.rkdms.com/identity/ 		2 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.thestar.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.126.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-126-101.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Sat, 29 Oct 2022 02:41:24 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
default
www.thestar.com/api/overlaydatarule/ 		72 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/overlaydatarule/default
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
9bbda85c97b47c9ce30f86e0f615beabcbc13dfdfc940adde3ce28605ed5ccb6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"1215c-GeYc3pUkOOvm2Y2ZE6SjaEYsnsU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
HIKLhAQZNALhkpIRzXTIY5g6ytMu1nAYwnw3PO0qqmghsS6MRzkwJA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D6F9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding
gzip
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
date
Fri, 28 Oct 2022 03:27:13 GMT
x-amz-cf-pop
FRA2-C1
age
83652
x-cache
Hit from cloudfront
last-modified
Fri, 21 Oct 2022 19:58:26 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
vcBcVSmUq7Y3_FNk4UH_Ia_GZ5ATwJRTLe0ocMVqFByeuBcRODF74w==
barryhoneyjustbeforedeath.jpg
images.thestar.com/o2zNrTxjNc-kUmVI8h-9kENQNFc=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/27/sherman-homicide-detectives-lookin... 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/o2zNrTxjNc-kUmVI8h-9kENQNFc=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/27/sherman-homicide-detectives-looking-for-information-in-five-countries/barryhoneyjustbeforedeath.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
272120730785a4a23180641da1d6d59087cebf1f6f7786fca7e7b54f63d47df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 20:30:43 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
108641
etag
"cda605f14c2ea6b212f383aea9c55f4d3873cefe"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
2350
x-amz-cf-id
sY7xZejTojIhqpwYwkiencAD7D3tOco5WDGMbxtnh5sRMgaQeGX6JQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
20221028091024-635bd800ef5e05595a363f78jpeg.jpg
images.thestar.com/WUVfBaYII0b2jj_mdrncfIK74a4=/0x0:1280x853/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/us/2022/10/28/intruder-attacks-pelosis-husband... 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/WUVfBaYII0b2jj_mdrncfIK74a4=/0x0:1280x853/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/us/2022/10/28/intruder-attacks-pelosis-husband-calling-where-is-nancy/20221028091024-635bd800ef5e05595a363f78jpeg.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7a2085713d2ed3beb4ff428410dd16fcfec460802934a2fb0a66428ec8baad06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:47:28 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
10436
etag
"c9961148321702a589e3c11f42ac5dd675588d28"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
5316
x-amz-cf-id
fZph58AzMhQ7uKJWpz-bjIJQqJLyTLUQpyJ6a8GVPmWn5TvNZpFHzg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
justin_trudeau.jpg
images.thestar.com/aKKQSWkSQBhEnWdqFlEqoZsMo9k=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2022/10/27/insiders-say-justin... 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/aKKQSWkSQBhEnWdqFlEqoZsMo9k=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2022/10/27/insiders-say-justin-trudeau-ready-to-freeze-out-quebec-and-other-provinces-in-federal-health-care-deals/justin_trudeau.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a0c5ce8fcb2aea6f42405c5b2eed6b716ffe85c31e21eed7a1267e8c92d2c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 23:36:52 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
97472
etag
"771432cbfe404f34b1f9bca14d6fe20ffbf4139e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
25890
x-amz-cf-id
Ge3biejFpkz8PExxSewV_rYs99L1luPJcZjAYXEHfKGir3Bjq5s-Ow==
expires
Thu, 31 Dec 2037 23:55:55 GMT
doug_ford.jpg
images.thestar.com/0ydYGZ7SOpKzrrXKM-E6vUzboiA=/0x0:1199x799/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/provincial/2022/10/27/flustered-doug-ford-under-... 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/0ydYGZ7SOpKzrrXKM-E6vUzboiA=/0x0:1199x799/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/provincial/2022/10/27/flustered-doug-ford-under-fire-at-queens-park-as-documents-reveal-questions-inquiry-lawyers-want-him-to-answer/doug_ford.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
16ea1e0652bfd825ccf0917b5121ae28fbe39c33ad983123af3ae0811a4e97b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 10:37:56 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
57808
etag
"8eafabddc4305c0bacc024844517dabbf7ed7c3d"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
20204
x-amz-cf-id
20lJKdqgZRBi-ocFA-JMo-j0r5i3GkDUu055jqeKlW3eqJyvHzvFKA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
barryhoneyexercising.jpg
images.thestar.com/6GWnzusUcWdkqg5VEI-DAqYnNxE=/0x0:1013x675/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/27/detectives-in-barry-and-honey-sher... 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/6GWnzusUcWdkqg5VEI-DAqYnNxE=/0x0:1013x675/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/27/detectives-in-barry-and-honey-sherman-case-never-checked-pearson-airport-cameras-in-hunt-for-killers/barryhoneyexercising.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7d7c0185e463c86c25475d524ebf61b2b94948cadacf3a6d0e6d33ed436b547d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:18:38 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
12166
etag
"b418dd32bcae1164b73003aec68d8b249e31a9b4"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
21936
x-amz-cf-id
6WAvr8WvVMD4CoBHqgTrVgd78ADNd6vDl7WqKa4OTf6vnsu3a98KoA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
patrick_brown.jpg
images.thestar.com/Z2Yct3xd4B5b8WVmcHzoFYeUuN4=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/federal/2022/10/26/patrick-brown-fined-100000-by... 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/Z2Yct3xd4B5b8WVmcHzoFYeUuN4=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/federal/2022/10/26/patrick-brown-fined-100000-by-federal-conservative-party/patrick_brown.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
993110b176f737529ed49b8e4486bc15f0fd5219f632101b7c37f322bb8e532a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 00:26:12 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
180912
etag
"b0b7afc301bdf9fe5003deeb0e367d7241594ca7"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
14738
x-amz-cf-id
U3XkK-6ODdzZdjAS9MR2Kb57SNajEKn08BglsNRnDUlkYoGRbAsjIQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/9da61d4c-a9ad-4539-ab67-8b7e271ce311/__activity.gif?e=widget_shown&ct=Toys+%E2%80%98R%E2%80%99+Us+reportedly+in+talks+to+sell+Asian+business&ccu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tspl=3956&blst=1090&ist=1487&iet=1496&bdst=1090&bdet=1244&bcttt=21&jsfv=nbc&ts=1667011284519&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&uid=9da61d4c-a9ad-4539-ab67-8b7e271ce311&sid=e6963907-bb83-40e5-8e2a-ba342232a327&pvid=4bd23b6f-5014-4285-d1dd-baa1425459a5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F107.0.5304.87+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=star_web_ymbii&source=LI&pl=null&tr=null&st=3955&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F10%2F27%2Fsherman-homicide-detectives-looking-for-information-in-five-countries.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F10%2F28%2Fspokesman-speaker-pelosis-husband-assaulted-in-break-in.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F10%2F27%2Finsiders-say-justin-trudeau-ready-to-freeze-out-quebec-and-other-provinces-in-federal-health-care-deals.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F10%2F27%2Fflustered-doug-ford-under-fire-at-queens-park-as-documents-reveal-questions-inquiry-lawyers-want-him-to-answer.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F10%2F27%2Fdetectives-in-barry-and-honey-sherman-case-never-checked-pearson-airport-cameras-in-hunt-for-killers.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2022%2F10%2F26%2Fpatrick-brown-fined-100000-by-federal-conservative-party.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:24 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
barryhoneyjustbeforedeath.jpg
images.thestar.com/IG47i1j74RUytJkcjaRYtLkno8o=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/27/sherman-homicide-detectives-lookin... 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/IG47i1j74RUytJkcjaRYtLkno8o=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/10/27/sherman-homicide-detectives-looking-for-information-in-five-countries/barryhoneyjustbeforedeath.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
32a8aff6dcd76841b565d01c7e239bc7a72df294dc91c1350e356314b1eba025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 20:31:03 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
108621
etag
"715a4e3da83bf116ff77b9133a574ba16198681d"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
27292
x-amz-cf-id
l6rskxPEht72F-5jhOwL71n6YI7sSFCB6GT2OwjSLWWADAEWBXgRoA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
20221028091024-635bd800ef5e05595a363f78jpeg.jpg
images.thestar.com/ikyAheMAWcbQkzKHJgnvtseaMYU=/0x0:1280x853/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/us/2022/10/28/intruder-attacks-pelosis-husband... 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/ikyAheMAWcbQkzKHJgnvtseaMYU=/0x0:1280x853/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/us/2022/10/28/intruder-attacks-pelosis-husband-calling-where-is-nancy/20221028091024-635bd800ef5e05595a363f78jpeg.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-21.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4ab4cdadd1169ec1d5c86950152805681a01488aad6f25ac0fe7168ba687adad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:35:22 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
11162
etag
"d538275538a0383bb100d8b21393527d02e29bc7"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
24538
x-amz-cf-id
BpYAtyq7dQEZWCJQnDXUuW9qAJYFfnoRQwv_wySD29YcJT31d77Jxw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6314 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHcYL05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBLsCT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZK3PZQiKMLhdbD-VEZoqbnE9cWmjtbCegepmafjc-DPok2litXTFu4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MTg4NDMxNDI1NTA5OTk3GJSZFA&sigh=W45jYnfU6v4&uach_m=[UACH]&cid=CAQSPwDq26N9_HFx6XyKp8XCX39jxiM_nTJ9P0W-LJeCfc4Apk_4OP7VJkPvIT1wOmSfsSvX9PdcDThnU63BjD_8-BgBIBM
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6314 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5C8E4-lBKwC2ASdg2ICAgAAACJKZIV_0s-SxgRhMyCbaOUQ05JcY89LCvIl32DbMXuZABIAAA&wp=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
169649
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8500 		225 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
54c3ac74e2869bfa1721e15828f9695fdc59821644bf7cad6993ae17bd818574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:23 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=o8irzVtKgXLmFmQs6g_JjZYbSOsPOJjZe4_QCB0CeRD7Ku380D0TprkGPlO6POc-WdpU2OTViX_Ykctn6bsRY0NQRci-kx6ccI6y6YEVCIQNts7kB8p-vLh7ygO_jwl-SB2ZJB76N2HwP8UyqZeDiSKZvcfNiSsMSLZ12q_n3r7u_t2LW9R_5lq-YPyEKPeqSHxifem2zwRWaYBDsxPBci1YgVZ1NXUa9i6Bak4fo-R2Y6eoHZPJg_HCZo1pC-ZP7NHWcQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
109759658
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6314 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
53009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:57:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6314 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
29944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6314 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 03:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Oct 2023 03:07:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6314 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 02:41:24 GMT
bridge3.541.0_en.html
imasdk.googleapis.com/js/core/ Frame 81A3 		688 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e395eaf1bfcc27f23912f3b3c0d0acc08cc13ebf3f404efbab7e786da1af66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
329366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226874
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 07:11:58 GMT
expires
Wed, 25 Oct 2023 07:11:58 GMT
last-modified
Tue, 25 Oct 2022 07:00:51 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 02:41:24 GMT
container.html
92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1ADE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:23 GMT
expires
Sun, 29 Oct 2023 02:41:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ Frame D6F9 		248 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thestar.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:31:17 GMT
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
7806
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
fyaOwJIu3nK-ck5iiYOC8RHrZsWNRGGgoPh0NOj6XPupeK_gyR0VvQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=215236292&version=7.10.0&age=221029&cmd=GET&key=uxXdqAB3&c_id=4204&seq=1&order=2&absoluteTime=4114.9&relativeTime=372.1&canonical=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&playerCfg=FP
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=uxXdqAB3&ES_key=uxXdqAB3&ES_ID=29670&S_RKEY=Tde5J551Aq&USR_ID=215236292&ST_usrKey=cVDqsFWsj91ZVJwz&SM_ID=2327069&C_ID=4204&C_companyName=Toronto%20Star&version=70100000&sC_ID=8783&AC_ID=2008&TYPE=FULL&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&PLAYERCODE=LVFDLN&OGSET=1&REFONLY=0&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:24 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 29 Oct 2022 02:41:25 GMT
0.js
player.sendtonews.com/bidderFiles/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
df0058c3af6569aacf1c15401e9607ac797013d89d45876c86c817cd426d2793

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:25:19 GMT
content-encoding
gzip
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
970
x-cache
Hit from cloudfront
content-length
1389
last-modified
Wed, 12 Oct 2022 20:07:56 GMT
server
Apache
etag
"dda-5eadbf2cfdf00-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
FGWhYxfDsP6IePJ72sZPUkGZHqf0HO3BSRGU3fVNkAdwJvUKo5FcbA==
expires
Sat, 29 Oct 2022 03:25:15 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 19:00:05 GMT
x-content-type-options
nosniff
age
373279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 19:00:05 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 23:20:44 GMT
x-content-type-options
nosniff
age
98440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Oct 2023 23:20:44 GMT
rex10aqatg54yr47p4m09worduhmtfv5.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/rex10aqatg54yr47p4m09worduhmtfv5.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9ef33c83acd2a7c006bcddc4e0473e9fefb5bdc56ca5bb36c92c906341ef293

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:42:21 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
7144
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
20635
last-modified
Fri, 28 Oct 2022 21:40:12 GMT
server
AmazonS3
etag
"035c6b4d895c48916b319d06414419b5"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
Jtnhu6PZBWG7nSFBQVTAYP3_SGfUPvTUlp6q7wndtlzLrsc5QWf7Eg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=215236292&version=7.10.0&age=221029&cmd=RTP&key=uxXdqAB3&c_id=4204&seq=1&order=3&absoluteTime=4143&relativeTime=400.2&sC_ID=8783&sm_id=2327069&load=1&status=LVFDLNIY&ac_id=2008&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&playerCfg=FP
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=uxXdqAB3&ES_key=uxXdqAB3&ES_ID=29670&S_RKEY=Tde5J551Aq&USR_ID=215236292&ST_usrKey=cVDqsFWsj91ZVJwz&SM_ID=2327069&C_ID=4204&C_companyName=Toronto%20Star&version=70100000&sC_ID=8783&AC_ID=2008&TYPE=FULL&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&PLAYERCODE=LVFDLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:24 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 29 Oct 2022 02:40:06 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame D6F9 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
76188d51af895b74-FRA
vary
Accept-Encoding
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame D6F9 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&pid=dibPzS9glJcmo&cb=0&ws=300x150&v=22.1021.827&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CjaqIQ_S9s1VkFhn8lC9q5g%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
67VGNEXVCR1KVH9BGXQZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
IHzvhl8jpMCxkqedZW-Lo8TdmUKaUT36wmI8vjuxc6W1dqZacSv40A==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame D6F9 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Sat, 29 Oct 2022 02:56:24 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8500 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:41:24 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8500 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:41:24 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8500 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 24 Oct 2023 02:41:24 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8500 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 24 Oct 2023 02:41:24 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 8500 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-z812ABwvkCBNHAqgzp5rme0JstaMxBOG0d1o3A_jo9kCeelL3ve0lcQEF8Yea1kayOO0D3BFQJF0wCI6-6ZnXZ-qA9E5MIPfMor00TTIQchwqfZjDHqHqZ97gNWiqDyClRP7qow_Fi9MEo0slpUfhE6xLBwTdVMNADSdffXTsu19dtn8lhxKL4igoOLOOFGKhjc1e6Bdnd4qy1wpaalW_mD2LxjceZeLTl4I2F0o_bLjByYUgOdc8xPWGBJriLniyNPhkQAbS4vOWUybLt7ceiMvPwYSw0KlyNZ3DRxxgDGGsNpLKmm0jorHqNsGHqDpVdMcsOtD-Smj4sRA-CD-pVGYmlpOknxkbCSLBVpuLkvbiXx2i75ExIzyhPOJCp3qbLppR2HGn546fnFoZsO23gLlU5222xR7iWJzZnzC6YPaITi
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3539394
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/ Frame E1CA 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e073cf26f3d82f4816a5a6b38801e590a33c4c8ad8044cc9d7ebd37b6eabaae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
379349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2655
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 17:18:55 GMT
expires
Tue, 24 Oct 2023 17:18:55 GMT
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 1ADE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C675x1JJcY9-jCNyOjuwP9Lid4A-hze6QbY2M_oCfEOKpre-wMhABIMfr9h5gleKQgqAHoAHOw7L-A8gBCakCVKlVwvy3sD7gAgCoAwHIA0iqBMACT9A78VMDJ2YVerIPaddfeklhhJjdZBJ4QzMzA0fkrk8Y4khItUiCTZP6tj1jXfM80yx55CZZwh0wGXNf-il4WCCSEt4QV77IMsWlO8UANNY0-sBoYdELjLGl_tmD5VlHAx3crLYVWAUYKcDhpgWKaJvNNkKsLYGBCKG6zfVbvgDcAkIjfWGzAHmg6dncshCuadXdn9QqAeMC5xNNNrE5j4Mt4mmpm-JDI-1ivmsj9md44AfayoA1MOMDnQBJjliuyzTaADynhKRdheQEBJe86AE1W9bG99RTJuc0IyhJyZm8SZlSyBa0t97vXBVVCZYOLXhT0mExgOrMcwLLN0f3EqtHt0d3Xh4pPc41iVWyt_fFsx5pLcQ6nCU4n7kOXG4YZ8iniv6_rKTbND-pCiycvmFhcVxtkcVgquOOEhh1gp_ABOGe2viDBOAEAaAGLoAHmrzNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOTgEtIIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsB2BMDiBQB0BUBmBYBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=fEK8mHFGMTo&uach_m=[UACH]&template_id=419
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 1ADE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:50:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
39057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 15:50:27 GMT
headerstats
as-sec.casalemedia.com/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVaNw79ehGzXjVVaDRqCw49J1OSWEjRHOXCDqZA6oe7J3GS8Ijq8Euo4tTD9kRCkjJLrn1LAH8Yb5zfIiIprgm16WEmESfOQ7efz4c77bQOzhjczm%2BLPGHxgVGPdEHAOesdb8vTH2IE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76188d532c05912e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
truncated
/ Frame 6314 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dffc82ec60b089ae975011a3e4b11a58fcd8897baeeada086fa3e241bf132419

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E1CA 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
46625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 29 Oct 2022 13:44:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E1CA 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
61227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 29 Oct 2022 09:40:58 GMT
img-bg-0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-bg-0.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
663679bdd35df75aca06e52a2c8f97b2a580f9640c1f2ca50bc3a385c3dcbb47
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 28 Oct 2022 13:44:21 GMT
x-content-type-options
nosniff
age
46624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73480
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 28 Oct 2023 13:44:21 GMT
img-bg-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-bg-1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8933b2a983b476d3d98650c2f6e4027b6be6de298ed5fadc8420658a972d29d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 28 Oct 2022 13:44:22 GMT
x-content-type-options
nosniff
age
46623
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17833
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 28 Oct 2023 13:44:22 GMT
tf-0-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/tf-0-0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6e604803e7caf1d840778dad7d901e3127c52e197ff9da8b4f96ebd5a61f18f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 28 Oct 2022 13:44:22 GMT
x-content-type-options
nosniff
age
46623
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3410
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 28 Oct 2023 13:44:22 GMT
tf-1-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/tf-1-0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07a0502637cfaf9a94bdb41c7d04a5db8f66e66bd75960a91796117bebb14791
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 25 Oct 2022 02:56:05 GMT
x-content-type-options
nosniff
age
344720
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2188
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 02:56:05 GMT
tf-2-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/tf-2-0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7390c143fb117e2e8ba657c53c338b8901d466c14b6ade0a136d70ed046a6ea
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 28 Oct 2022 13:44:21 GMT
x-content-type-options
nosniff
age
46624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3972
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 28 Oct 2023 13:44:21 GMT
img-hashtag.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-hashtag.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e0cb7a84bf231beb42be41189676f3af575bcb048e330694a47d71e34c4c306
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 24 Oct 2022 15:56:45 GMT
x-content-type-options
nosniff
age
384280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2398
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 15:56:45 GMT
img-stoerer-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-stoerer-0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23b321ec8412a7f5f088ae9c776e4720083084fdbf532e08747585c65dfa37e9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 25 Oct 2022 13:27:51 GMT
x-content-type-options
nosniff
age
306814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4162
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 13:27:51 GMT
img-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48306e9081077ef3dbd91297bacbe423ed479cbd284fba7e7952ea35a50bb30
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 24 Oct 2022 09:54:07 GMT
x-content-type-options
nosniff
age
406038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3279
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 09:54:07 GMT
img-overlay-white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-overlay-white.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2cf3c28b4ca6850e001ad4db41d69f195854dd6b76e53be9b79280e2955d37
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 24 Oct 2022 15:28:08 GMT
x-content-type-options
nosniff
age
385997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2437
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 15:28:08 GMT
img-logo-end.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-logo-end.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1e737642103fc85b4df4c2c792f03541a20ff20e22253653d5e577a3ea9c1f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 25 Oct 2022 06:32:35 GMT
x-content-type-options
nosniff
age
331730
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4271
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 06:32:35 GMT
img-cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-cta.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2708bda4c13c3e0df7ebcc3fced7e1e47df5d74695d908412cd69abeeb4739f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 25 Oct 2022 05:06:56 GMT
x-content-type-options
nosniff
age
336869
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1777
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 05:06:56 GMT
gfx_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		99 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/gfx_white.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a56256abd37201dd165bd8c1f26aecdcc5997a43b2e99c5db802c1c3ffd1c2eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 24 Oct 2022 15:42:15 GMT
x-content-type-options
nosniff
age
385150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 15:42:15 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E1CA 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 02:41:25 GMT
TKUT_v1.1.1.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame E1CA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/TKUT_v1.1.1.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 08:06:10 GMT
age
326115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1022
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 09:21:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 08:06:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 8500 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:41:25 GMT
e1ff7302279e4d8c8ff26c9789cfc8ce_cpn_300x600_1.jpeg
static.criteo.net/design/dt/81034/221024/ Frame 8500 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/81034/221024/e1ff7302279e4d8c8ff26c9789cfc8ce_cpn_300x600_1.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d3dfadf23f35223746c2d4993897988319731b6371ec51805489f1481f15ba95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 08:52:12 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6356523c-11e9a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
73370
expires
Tue, 24 Oct 2023 02:41:25 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=104&m=0&partner=81034&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F81034%2F220524%2F37aa47987df74bddb3b3333fe5ef4fe3_etoffe_logo_exe_positif_rvb.png&v=3&w=596&s=qkOvRuaD4EXbEUQt_TxnqFgN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
adbaa543f06710de943b33269ab77ec596301e20bbb158e356bde8c8c901d66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31021066
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3305
expires
Mon, 23 Oct 2023 03:39:12 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=81034&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F81034%2F220524%2F5660f841ad514c18a506c12b8593da1d_1200x1200.jpg&v=3&w=1200&s=OKH2r9VryCzdCHrraPUlndQh
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
90f457fa8d1bf8fc9b7dec794f96ea40b25f003d800b7330be483382d5fd017a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31028657
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
209082
expires
Mon, 23 Oct 2023 05:45:42 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F91883-category_big%2Fbettdecke-chenevard-craie-et-graphite-designers-guild.jpg&v=3&w=400&s=zjPNlcPsLlkC0qJWsh7LzLVb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e2298ae007bc0362f0f15a20795bbc10e90fd81b476c39022507fcb2754fe4d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=906240
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12628
expires
Tue, 08 Nov 2022 14:25:25 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F281267-category_big%2Fterrazzofliese-siena-carodeco.jpg&v=3&w=400&s=aaOI5620BO2ePdKHTTy9FAPz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
01ded8dfd847755899836095dba5f19e905cdcc6cda06d0febecd494050e2b12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=636530
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9174
expires
Sat, 05 Nov 2022 11:30:16 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F236949-category_big%2Fpanoramatapete-edo-metallics-coordonne.jpg&v=3&w=400&s=gNhB7-6n9mAHOjZ9doeP-KTi&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
12cb5e02129bb8aa72513880b4a1c14fe3d06a4395500e6d1166263db3a9f8ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=819882
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
41466
expires
Mon, 07 Nov 2022 14:26:07 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F144041-category_big%2Fpanoramatapete-edo-coordonne.jpg&v=3&w=400&s=z7v1IpT5JHZMHqV182NBREKt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e422d82de735426399a8d0dd47ef65d3e19a70abab664445b60e951009841a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=807556
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30836
expires
Mon, 07 Nov 2022 11:00:41 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F49513-category_big%2Fteppich-mini-globo-rug-gan-rugs.jpg&v=3&w=400&s=zr29sWnhwGdBiclgbAaWw-B2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
101e909f5a85b74142f0afd95f59437add2eb4f67f274b9f4ee67ae5484a0a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1527267
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23588
expires
Tue, 15 Nov 2022 18:55:52 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F330708-category_big%2Fteppich-digest-trims-3-yo2.jpg&v=3&w=400&s=vkwf0n3h6gNM8nLwX10jAJI9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
101e0cf502a6391161b5c36e5d8f5fc1433f1c71cbf460f8a14888f905431291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=33614
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9080
expires
Sat, 29 Oct 2022 12:01:40 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F209318-category_big%2Fselbstklebende-tapete-juniper-forest-rifle-paper-co.jpg&v=3&w=400&s=sDBv9YjHmg6S6wSxe5OeAg7Z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
aecbdd026bcdd66647f0f25b1655cdd08252eaef059d6a2242efdb781aa121fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1065591
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34836
expires
Thu, 10 Nov 2022 10:41:16 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F119237-category_big%2Ftapete-feathery-clouds-eijffinger.jpg&v=3&w=400&s=v6iLoGM55st3UaBHXc32552t&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
cba81a9533aa75d40a3cc02973ee69e96a89d383d271cbc2b53c1a7ecf0702ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=703448
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36088
expires
Sun, 06 Nov 2022 06:05:33 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F322123-category_big%2Fteppich-kivi-multi-in-outdoor-scion.jpg&v=3&w=400&s=CdXyLbUx1YxShPzjJRceU0eA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6bc0a443d4241e83595373a2e54ee7352f9eef56b623ffe61d38444a1f9bc18a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=980339
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7112
expires
Wed, 09 Nov 2022 11:00:24 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F209313-category_big%2Fselbstklebende-tapete-garden-party-rifle-paper-co.jpg&v=3&w=400&s=tlLo6ZZKf99Q-1-psxZVGvZK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
de8aebbd152b4ad77cf9e6ed93393bf04cca6304e0107adbd8cc1db05235551f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1066244
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36680
expires
Thu, 10 Nov 2022 10:52:09 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F49890-category_big%2Fteppich-rectangular-yellow-blue-rug-gan-rugs.jpg&v=3&w=400&s=ugGgeTclB62jqvPcODuTjNyi&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
db8d1c57a875df10881301b0dee91182e2ad4134cefa3f5957025657953ba793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1306542
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13576
expires
Sun, 13 Nov 2022 05:37:08 GMT
img
pix.eu.criteo.net/img/ Frame 8500 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81034&q=80&r=0&u=https%3A%2F%2Fwww.etoffe.com%2F206049-category_big%2Fterrazzofliese-roma-carodeco.jpg&v=3&w=400&s=FHnTPzL-700fuBVtQYu2M46-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
1ed310b9eefdbb8f2b7d2eb239db0a5eefb5dd7662aad685622a9833e89dcd18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=636832
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11150
expires
Sat, 05 Nov 2022 11:35:17 GMT
all
csm.eu.criteo.net/ Frame 8500 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=o8irzVtKgXLmFmQs6g_JjZYbSOsPOJjZe4_QCB0CeRD7Ku380D0TprkGPlO6POc-WdpU2OTViX_Ykctn6bsRY0NQRci-kx6ccI6y6YEVCIQNts7kB8p-vLh7ygO_jwl-SB2ZJB76N2HwP8UyqZeDiSKZvcfNiSsMSLZ12q_n3r7u_t2LW9R_5lq-YPyEKPeqSHxifem2zwRWaYBDsxPBci1YgVZ1NXUa9i6Bak4fo-R2Y6eoHZPJg_HCZo1pC-ZP7NHWcQ&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:24 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8500 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:41:25 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8500 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1yS0wAM2FMKd6ePAALqelfLrKCNln_V9KKhKA&u=%7CDOZI0HFmgHWcgGeq%2FWXju1OAPV8%2FhFJrbYeUJbxYDp0%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTPrKTeEqvT3-607biXso96WejCrnIm4gE8khR0d-ad0vCDL_7iOxVieAGrBABq5mg0dEbkMZ3vMutQIDIFXNOuo4Fyz2OSfF876YQamt35dj7kBJsd4Qcgw0xSdyC93LM_hKv-rhak0adm4mfcwl4nsciyk9CGOeGQppijCO0F806AfvMKr7DtOOpbRpnpFI4oaalgIjs99LG0yD9ZXWX4WrlYv2LdeIMLdGjQyJu1CWP6BdTD9jwc2NL5D6c5cSHeD0vvIGz7h8bJyusUN0djX0QnjX9V4VPvuk_BVaBRjsT_4wKc36wZoJC55j8-W_WDd-vku85_B9i2naArn-BOmxf0O_omjReeuRosP3_pPLcXjYwvfEX5WHCchvWxhNZZw2yoRLxz8oaLvOR99tDaU_0-_TGaBZ1qcqS4XKyaFLtM_8ct15H1USva2xhnNZ4sYzXy5sry1YVdpJBzhx43BXHHQV2By74EaySqovXJ93Lm59bHwG3NokiEPZB_geYZckLuMNQOnhGS4Euhsz4_4z1OMFpMoAyC7pW5dNT27eQcwMJqxOnVRaDa4QSgq8cM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR2pJ05JcY9OwM4_P3gP61IvABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakCVKlVwvy3sD7gAgCoAwGqBL4CT9DbkqD0Q_Fi3M1E11xfB7FyM1p8C1M9BhLFkLgo6oOkYw-fD1AEPiZfLBpN850f1rrBlCvsGV7apxPhd8x4mr3VvNAndrZ1pFMGr2I7h2xw2GJrHJkWfyeL7wW807XSWzutANS_N8zUMCT4fQsqQ3ykceCeqyOg6swTyRONz260T8Bbc50IoaUm1B-eVUmy1Pj2rRcRqLljo28CUKkgHBT2DMSoAkjccWISIHUiQe-yJZHJKmKXKMou4cTiUMExa2H2CP9LTdj87q1ht9iefgM2q5opFPcuOma8few-_a7aPi8rqRrbVZTxGM6PcaGNxb5OsmVAbMIi_--ElP5D32JM55YxNY3ucs3XZLjVTo3EAlLZKzHbY7ALoYtIsHlQxVqmOrdVTmJbZgm4-C1SQ5HMs-QIwt0H2SLRs_Nh4AQBgAaZvIOUnqSGhFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1h-2yrp9f2qUDxRtSTKUrfPYk-ig%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 02:41:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 28CE 		143 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 01:55:46 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1ADE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
53010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:57:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1ADE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
29945
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:20 GMT
auction
tlx.3lift.com/header/ Frame D6F9 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.142.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-142-177.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:25 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame D6F9 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sat, 29 Oct 2022 02:41:25 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.009795
X-SpotX-Timing-Transform
0.000335
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.009795
X-SpotX-Timing-Page-Require
0.000375
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001716
X-fe
097
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.013478
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000318
Last-Modified
Sat, 29 Oct 2022 02:41:25 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.thestar.com
X-SpotX-Timing-Page-Exception
0.000018
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000013
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000905
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D6F9 		138 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a0b3da9b212b7fddef47ff1fd9cf15da6bbad5ca97c4a37e829170856d834853
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:25 GMT
AN-X-Request-Uuid
c56ac37c-214f-4df7-8cce-6ec4fc4a417d
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame D6F9 		36 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227ddd3d26826e3a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html%22%2C%22page%22%3A%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html%22%2C%22domain%22%3A%22thestar.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22thestar.com%22%7D%2C%22keywords%22%3A%22ToysRUs%2Cretail%2Cbankruptcy%2CAsia%2Csell%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228529693c999391%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A690%2C%22h%22%3A388%2C%22sizes%22%3A%5B%5B690%2C388%5D%5D%2C%22playerSize%22%3A%5B%5B690%2C388%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22jaqIQ_S9s1VkFhn8lC9q5g%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ba2f9406f04e29021cefec3f0bc0fd1e63146ea6b1f69dbdff6eb935a7f197

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XH4JlqaVTELQ9H2wycBSw2xWviCfrFQ0dd7%2FD9fHLR90YbnsmGPTCXOaS0RXg87cE4qg0tLYUuc4cXg3hkjFy12VK0iRSM57JLVmgBayuzWs23pFCHgj6Z8i%2FFhCSGC1kZJ5G5L"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76188d54b8f79b51-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame D6F9 		173 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.252.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-252-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4621e026330d3cb44a6be034f0cd70fb703a0374167136f1708693eb78732a61

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
translator
hbopenbid.pubmatic.com/ Frame D6F9 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com
date
Sat, 29 Oct 2022 02:41:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
si
googleads.g.doubleclick.net/pagead/drt/ Frame 28CE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:25 GMT
expires
Sat, 29 Oct 2022 02:41:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1ADE 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 02:41:25 GMT
truncated
/ Frame 1ADE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
405538e42992c36b10c8c935cb9ecb031d9384c99020345bcda5bd521794014d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame E1CA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:53:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Oct 2023 15:53:35 GMT
6s858nr0q41r35op7q7np4qrr7nq6832playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/6s858nr0q41r35op7q7np4qrr7nq6832playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab7fdf3c9127d12eafda788c947f6e0e9d6d7276b5df6b971b14d87b2f70c74f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:00:33 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
16853
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Fri, 28 Oct 2022 21:42:35 GMT
server
AmazonS3
etag
"97ce1546ccc0b4e81b0cf32382ddac0f"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
U9z5yD2RTBEK9oPnA0yK25rUI3eX4gZ0h5UcvmzwxRpomsLUjlMU7Q==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=215236292&version=7.10.0&age=221029&cmd=IMA&key=uxXdqAB3&c_id=4204&seq=1&order=4&absoluteTime=4853.5&relativeTime=1110.7&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&playerCfg=FP&recoveryMethod=SSAI&imaVersion=3.541.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=215236292&version=7.10.0&age=221029&ldt=BIDS&key=uxXdqAB3&c_id=4204&seq=1&order=5&absoluteTime=4854.1&relativeTime=1111.3&sm_id=2327069&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFDLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.triplelift.time=139.7&prebid.bidders.spotx.time=200.9&prebid.bidders.appnexus.time=57.6&prebid.bidders.ix.time=134.4&prebid.bidders.rubicon.time=133&prebid.bidders.pubmatic.time=127.2&prebid.start=4632.6&prebid.time=204.6&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
97rrr47o4s79p3q0753r5257oo6o3pnsbase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		8 KB
8 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/97rrr47o4s79p3q0753r5257oo6o3pnsbase.en.vtt
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f0a7325777df11bc98290a853c94e5dbfb3a1f15ec7fbf8ae6c70b353c5810a

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:53:35 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
6470
x-cache
Hit from cloudfront
content-length
7699
last-modified
Fri, 28 Oct 2022 21:44:04 GMT
server
AmazonS3
etag
"e88f37e6a56dbeddaa3eafbed4319e8c"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
Ym0ttnFpIMZS9wGTB0dZUeaA1yct4yg1UyplclZIKRfXUwr282LfRA==
6s858nr0q41r35op7q7np4qrr7nq6832.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		2 KB
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/6s858nr0q41r35op7q7np4qrr7nq6832.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03ab8e8f9ee83be8b7843e3770b49402d08d549901012a98514ef5e0956a2653

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 00:17:34 GMT
content-encoding
gzip
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
8632
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Fri, 28 Oct 2022 21:43:31 GMT
server
AmazonS3
etag
W/"6623ed07cba4d318c6ae8355574168e9"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
iGA5OZsItxR4qmLXevGxOTtciCft6AbiydGK0FPyGQmcxDo08wk8Cw==
6s858nr0q41r35op7q7np4qrr7nq6832-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/6s858nr0q41r35op7q7np4qrr7nq6832-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94680d652055cda9bed2dac22350e1622baa86878eebec689fd1f3325142e5ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:00:35 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
16850
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
383332
last-modified
Fri, 28 Oct 2022 21:43:26 GMT
server
AmazonS3
etag
"d8051edc7850062fb54677f0538df198"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
pJ4rH1l_pF_t8FFKcGYNVkH0AbwPfV571n8j0gutPwpAsa9XEfjyFw==
ads
pubads.g.doubleclick.net/gampad/ Frame 81A3 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C58580620%2F54097046&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2327069&us_privacy=false&cust_params=sessionKey%3D215236292-cVDqsFWsj91ZVJwz%26schain%3Dstnvideo.com%2CjaqIQ_S9s1VkFhn8lC9q5g%26content%3D8783%26placementType%3DPremium%26embed%3DuxXdqAB3%26domain%3Dthestar.com%26player_size%3Dlarge%26player_width%3D690%26player_height%3D388%26player_type%3Dfull%26version%3D7.10.0%26player_status%3DLVFDLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D12%26iris_id%3Diris_dcf68d8fc4831f3d%26iris_context%3Dic_4338203%2Cic_7095941%2Cic_9146060%2Cic_2291553%2Cic_2416407%2Cic_7753435%2Cic_1612662%2Cic_7489517%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_8555203%2Cic_3203444%2Cic_0654910%2Cic_1115791%2Cic_7558382%2Cic_5063263%2Cic_8639826%2Cic_9493456%2Cic_0460104%2Cic_9954675%2Cic_2592227%2Cic_9677800%2Cic_0702701%2Cic_9707283%2Cic_8636446%2Cic_4030877%2Cic_5006431%2Cic_2375829%2Cic_8717743%2Cic_7032324%2Cic_4895920%2Cic_1199018%2Cic_9379217%2Cic_5288479%2Cic_8881910%2Cic_6369906%2Cic_6699434%2Cic_2258785%2Cic_9802693%2Cic_2658254%2Cic_6765345%2Cic_7839800%2Cic_7057969%2Cic_2346818%2Cic_6400126%2Cic_9936075%2Cic_5601324%2Cic_4981813%2Cic_3022587%2Cic_3369284%2Cic_6871098%2Cic_2006330%2Cic_1302571%2Cic_9448222%2Cic_7250048%2Cic_7858774%2Cic_9754885%26us_privacy%3Dfalse&sdkv=h.3.541.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.541.0&sid=DE1DE1DF-96C5-45BE-A9A3-ED97577C2917&nel=0&eid=44731965%2C44733378%2C44748969%2C44765701&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&dlt=1667011281055&idt=3962&dt=1667011285486&cookie=ID%3D9ac9c8737ada4af6%3AT%3D1667011283%3AS%3DALNI_MYS_oLQjzJLSDCnYmdPo7gR1lG8-A&gpic=UID%3D00000b799c48ce4f%3AT%3D1667011283%3ART%3D1667011283%3AS%3DALNI_MbUgNLo5QNmDcS36bPdmb13TuNvhA&correlator=3311271453019854&scor=1234899722338158&ged=ve4_td4_tt0_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18546cdcabfb25ad6dd3b63049c95b5572adc2167f18a0f8142073c801d66cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1642
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=10&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1667011281913&de=231514733289&rx=418172946944&m=0&ar=e27dbc83ae5-clean&iw=43355f1&q=1&cb=0&cu=1667011281913&ll=2&lm=0&ln=0&em=0&en=0&d=thestar.com%3AToys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&it=500&pe=1%3A1057%3A1849%3A0%3A1092&fs=200656&na=305124893&cs=0
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sat, 29 Oct 2022 02:41:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 29 Oct 2022 02:41:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0555cc20f3dfc960d0c8f3cdb224727b07a7d95e3fb2832550721c7634708fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11372
x-xss-protection
0
B24540798.279406836;sz=1x2;ord=910744192971
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=910744192971?
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
279c4df155f89966fca6acdb7d792d4133564119cbc035abfbc6cad85b4445d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c08be27d412702c743e960e83e8816562c718a2069b42653aea9c235da00c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39651
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 02:41:25 GMT
3d475d46-4c58-4f1d-a1bd-36b20740b2b1
https://www.thestar.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/3d475d46-4c58-4f1d-a1bd-36b20740b2b1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e3534d987a90a565c0b7e86c571fa8d6d2f3cebfa4540ed2fddecd8a4647560

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.thestar.com%2F%2Fbusiness%2F2018%2F02%2F27%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Ue4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-Pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1667011281913&de=231514733289&rx=418172946944&cu=1667011281913&m=3589&ar=e27dbc83ae5-clean&iw=43355f1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6477&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1057%3A1849%3A0%3A1092&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3AToys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200656&na=640971020&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sat, 29 Oct 2022 02:41:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 29 Oct 2022 02:41:25 GMT
__inventory.gif
query.petametrics.com/v1/ 		35 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v1/__inventory.gif?ts=1667011285537&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&item=%7B%22content_tier%22%3A%5B%22metered%22%5D%2C%22publisher%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftorontostar%22%5D%2C%22published_time%22%3A%5B%222018-02-27T18%3A04%3A30.157Z%22%5D%2C%22modified_time%22%3A%5B%222018-02-27T18%3A10%3A34.729Z%22%5D%2C%22section%22%3A%5B%22Business%22%5D%2C%22tag%22%3A%5B%22Business%2C%20Finance%2C%20%26%20Economics%22%5D%2C%22title%22%3A%5B%22Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%22%5D%2C%22type%22%3A%5B%22article%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html%22%5D%2C%22description%22%3A%5B%22The%20U.S.%20chain%20is%20in%20talks%20to%20off-load%20its%2085-per-cent%20stake%20in%20the%20Asian%20venture%20to%20Hong%20Kong%E2%80%99s%20billionaire%20Fung%20brothers.%22%5D%2C%22site_name%22%3A%5B%22thestar.com%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fimages.thestar.com%2FPjjIZMdhaQ7UK65XPpGtiCNwij4%3D%2F1280x1024%2Fsmart%2Ffilters%3Acb(1519764298977)%2Fhttps%3A%2F%2Fwww.thestar.com%2Fcontent%2Fdam%2Fthestar%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business%2Ftoys_r_us.jpg%22%5D%2C%22truncatedDescription%22%3A%5B%22The%20U.S.%20chain%20is%20in%20talks%20to%20off-load%20its%2085-per-cent%20stake%20in%20the%20Asian%20venture%20to%20Hong%20Kong%E2%80%99s%20billionaire%20Fung%20brothers.%22%5D%2C%22inHouseArticle%22%3A%5B%22false%22%5D%2C%22enableLivechat%22%3A%5B%22false%22%5D%2C%22images%22%3A%5B%22https%3A%2F%2Fwww.thestar.com%2Fassets%2Fimg%2Fthestar-ribbon.png%22%5D%2C%22noShow%22%3A%5B%22false%22%5D%2C%22enableConversations%22%3A%5B%22true%22%5D%2C%22hasImage%22%3A%5B%22true%22%5D%2C%22abstract%22%3A%5B%22The%20U.S.%20chain%20is%20in%20talks%20to%20off-load%20its%2085-per-cent%20stake%20in%20the%20Asian%20venture%20to%20Hong%20Kong%E2%80%99s%20billionaire%20Fung%20brothers.%22%5D%2C%22asset_id%22%3A%5B%22538d6702-a101-4d8f-800e-a3977520290c%22%5D%2C%22enableLivechatadmin%22%3A%5B%22false%22%5D%2C%22thumbor_image%22%3A%5B%22%7B%5C%22imageid%5C%22%3A%5C%22GDF21QBAH.2%5C%22%2C%5C%22origImageSize%5C%22%3A%5C%221200x800%5C%22%2C%5C%22lastmodified%5C%22%3A2700061000%2C%5C%22fullWindowMainart%5C%22%3Afalse%2C%5C%22forceoriginal%5C%22%3Afalse%2C%5C%22caption%5C%22%3A%5C%22A%20deal%20could%20give%20Toys%20%5C%5Cu201cR%5C%5Cu201d%20Us%20Asia%20a%20valuation%20of%20at%20least%20%241%20billion%20(U.S.)%2C%20sources%20say.%5C%22%2C%5C%22source%5C%22%3A%5C%22AFP%2FGETTY%20IMAGES%20file%20photo%5C%22%2C%5C%22type%5C%22%3A%5C%22image%5C%22%2C%5C%22credit%5C%22%3A%5C%22DANIEL%20LEAL-OLIVAS%5C%22%2C%5C%22mainartSize%5C%22%3A%5C%22medium%5C%22%2C%5C%22url%5C%22%3A%5C%22%2Fcontent%2Fdam%2Fthestar%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business%2Ftoys_r_us.jpg%5C%22%7D%22%5D%2C%22last_modified%22%3A%5B%222018-02-27T18%3A10%3A33.753Z%22%5D%2C%22author_names%22%3A%5B%22Vinicy%20Chan%20Matt%20Townsend%22%2C%22Jonathan%20Browning%22%5D%2C%22authors%22%3A%5B%22%5B%7B%5C%22author%5C%22%3A%5C%22Vinicy%20Chan%20Matt%20Townsend%5C%22%7D%2C%7B%5C%22author%5C%22%3A%5C%22Jonathan%20Browning%5C%22%7D%5D%22%5D%7D&ttl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 02:41:25 GMT
6s858nr0q41r35op7q7np4qrr7nq6832.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		2 KB
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/6s858nr0q41r35op7q7np4qrr7nq6832.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48c5dfd792fde615467e3b1789f973eee607b6c98718d9338ba91f5f14606d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:00:37 GMT
content-encoding
gzip
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
16849
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Fri, 28 Oct 2022 21:43:53 GMT
server
AmazonS3
etag
W/"87231de6ad214c185b535f249c666f44"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
BaABBgVITWxFjR5LNsQq8dh1u8qldK8G3eAG05SPtB67mfWcmeJUOQ==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B2ED 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22931
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 20:19:14 GMT
expires
Sat, 28 Oct 2023 20:19:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8FD4 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c3d62b3a579e3f0389a5b959dcd3fd909d442402459f54db7d96fbdd96655436
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-v9eazBPWmGYTd7DEukKIHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-v9eazBPWmGYTd7DEukKIHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:25 GMT
expires
Sat, 29 Oct 2022 02:41:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=910744192971?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
29954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:11 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVZSx01PbRPzkeRhZTYyG7Ewp0cJ17Y0Et9wMk1oves4nFkmBbs6ui5YRriu0bN9_I2hOYmWRKLGsdlaEViaWFZNtSMlz_enqQh5_MQt60VhDWrRMUppkXgkHRASVGUurW9-BQsSzB6ezHTGLjjNj48qxuRXINOg&sai=AMfl-YSa-SaPrMD8SvrePDN5ytr1NdWlnohsEeekwc_tYjM-Nn4MAyxHbjNsRkblUbsNSpnFjyW70VRVvjG9ynqJsfv2_HMdXnSY7a4maRV7&sig=Cg0ArKJSzAApvvvXwj4TEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221026.28128&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=910744192971?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 02:41:25 GMT
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame B2ED 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:53:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Oct 2023 15:53:35 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=215236292&version=7.10.0&age=221029&cmd=INV&key=uxXdqAB3&c_id=4204&seq=1&order=6&absoluteTime=5061.6&relativeTime=1318.8&alt=0&sC_ID=8783&sm_id=2327069&load=1&status=LVFDLNIY&ac_id=2008&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&playerCfg=FP
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=uxXdqAB3&ES_key=uxXdqAB3&ES_ID=29670&S_RKEY=Tde5J551Aq&USR_ID=215236292&ST_usrKey=cVDqsFWsj91ZVJwz&SM_ID=2327069&C_ID=4204&C_companyName=Toronto%20Star&version=70100000&sC_ID=8783&AC_ID=2008&TYPE=FULL&EXTREF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&REF=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&PLAYERWIDTH=690&PLAYERCODE=LVFDLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.165.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-165-148.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:25 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 29 Oct 2022 02:41:26 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 81A3 		30 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2F54097046&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D215236292-cVDqsFWsj91ZVJwz%26schain%3Dstnvideo.com%2CjaqIQ_S9s1VkFhn8lC9q5g%26content%3D8783%26placementType%3DPremium%26embed%3DuxXdqAB3%26domain%3Dthestar.com%26player_size%3Dlarge%26player_width%3D690%26player_height%3D388%26player_type%3Dfull%26version%3D7.10.0%26player_status%3DLVFDLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D12%26iris_id%3Diris_dcf68d8fc4831f3d%26iris_context%3Dic_4338203%2Cic_7095941%2Cic_9146060%2Cic_2291553%2Cic_2416407%2Cic_7753435%2Cic_1612662%2Cic_7489517%2Cic_8328276%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_8555203%2Cic_3203444%2Cic_0654910%2Cic_1115791%2Cic_7558382%2Cic_5063263%2Cic_8639826%2Cic_9493456%2Cic_0460104%2Cic_9954675%2Cic_2592227%2Cic_9677800%2Cic_0702701%2Cic_9707283%2Cic_8636446%2Cic_4030877%2Cic_5006431%2Cic_2375829%2Cic_8717743%2Cic_7032324%2Cic_4895920%2Cic_1199018%2Cic_9379217%2Cic_5288479%2Cic_8881910%2Cic_6369906%2Cic_6699434%2Cic_2258785%2Cic_9802693%2Cic_2658254%2Cic_6765345%2Cic_7839800%2Cic_7057969%2Cic_2346818%2Cic_6400126%2Cic_9936075%2Cic_5601324%2Cic_4981813%2Cic_3022587%2Cic_3369284%2Cic_6871098%2Cic_2006330%2Cic_1302571%2Cic_9448222%2Cic_7250048%2Cic_7858774%2Cic_9754885%26us_privacy%3Dfalse&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=DE1DE1DF-96C5-45BE-A9A3-ED97577C2917&adk=2458199627&correlator=3311271453019854&ctv=0&dlt=1667011281055&dt=1667011285641&ged=ve4_td5_tt1_pd5_la5000_er6242.1190.6397.1490_vi0.0.1200.1600_vp0_ts1_eb16491&idt=3962&is_amp=0&omid_p=Google1%2Fh.3.541.0&osd=2&ptt=20&scor=1234899722338158&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44731965%2C44733378%2C44748969%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=445&sdkv=h.3.541.0&sdr=1&vconp=2&video_doc_id=2327069&vpa=auto&vpmute=1&nel=0&cnc=58580620&kfa=0&tfcd=0&top=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&loc=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&cookie=ID%3D9ac9c8737ada4af6%3AT%3D1667011283%3AS%3DALNI_MYS_oLQjzJLSDCnYmdPo7gR1lG8-A&gpic=UID%3D00000b799c48ce4f%3AT%3D1667011283%3ART%3D1667011283%3AS%3DALNI_MbUgNLo5QNmDcS36bPdmb13TuNvhA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f10b37ef542ceadc01a0ab2582ecb8ca359a1851fbb0d1c2f58f26bbcff915bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7324
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102501&jk=907668147450411&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B2ED 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?y8gPFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
vast
bid.g.doubleclick.net/dbm/ Frame 81A3 		27 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AvHe0dxHAzAtpXI8dR4387hbJMX-MoOSTtnWU-08Co24W8V5ELyIz6Fflcxd2ibxQa1BpcdUny7fYqtbmtCItG9l7vqA&dbm_d=AKAmf-CKrNHloRoF09KcwYqvgrCEW5z9CQompeEOSdARhgYH-ype66tX4HlNBHJtml8zb2hWxG7Yn0Q9oB46yIixPynvTvN1V37IxuHBP9VfTHPZaw5CJkThpdIg84CCR3VSUcN3s2bflds2wL7icnZhve0sabYbD6tqOLl1np8TCjJm5mx2l1XrcNVwr7QnQClys-w54IgfNsBourt6ERJFYU5xq7cyq0Nqhe45FhAhzlDhxLaSNQgTQzhzA3V28dQiLy-qLN7sa2rvlapZ8cFSxYZ0SVsffpxERkI0sILv6cb61BEy3v2ETPiTrv-bvwnne6v988j739v-4sK0joaFkKqELFQ7G7g6jio7N0rkIaw8ze5k7gdADPvGCcznHx7nTUQSqvztOjSFXw-zuls7W2TCAvTjJJszbI3Owue2uBofZpqOEAYWqhsr5ZFKYWVcTT0bdYfR1PkRrITo78b5vr5TGSm1AmmOHytwImFIwzg1RmGb6YYhEPoelScac0G16AV6va_noYDVAdnROED45fzyR4qiTOmFijaeX3fE3VB9CVIUnOMxt0x5SwK9jD-DYkdT8C9TiuKOABMPKYL7JpQf_38JPYFoI_YQttpcm311bw4uc7J8JL9ZetEu3Cetu6GTf3P569Q8NV6WdrokKSC8YChXQCDDKKmOKLjmJ8ditX-WbARuc8wuIA2YLMvotjYmtpIImDnqguV1LGNikzgvAmTA56F1ENTzjLa6vKeReYTwft1PjNo-bwUv7uOUxexPrJOhsaHXUvY0Dl6pvBH0H26s_wQ6ZmKKO-S_PKG8Wg8DEi_1YCJsrzXwYzlkvebkBdiyYk-HZfGMVaakmE1VFVh7I6yThaylkfI1nfCh02wwoiIuEFbh2DC74TbW2eUYD0ZIL6JKWhSRKCAa1FjGitDTP-YdO-2hiMJ-dI_V8-zMH3usodj0rkKEqBFtXN7uoF6juAat0ZoMwTu1v9Kl0x_qIcBn1TxSe7ygh84I01Y6TEtBsdEnSDpjpSz6Y7wJhibpuJKxArKzVuI7QtFThEEsw6RM-b9WmDYM3yGkv5tVPofsxmNLPOWIMB6jm_nRUGOqMUkaK2zMKIf57TDV337AAIqjhI-nw26O3AaB-3HQVAMZBsmnsHG8K2JvWGGcuZsB7wIDq2LnUK9d5v7Z-VY_rvTmpvbv42MjRmACcT4jHqhjGQdQ4O-SaB3iG2E80NXV5qw5UzIMM69hrvplkAg7P-wh8MPz1u9om3Kv59VVpPo-62WsfroCpsqpL8tj1NNIaxEM1nyjqe8MYjC8J99E-8wueZd8SBGQwmMYfKvOEWMsbJpOehHch-VHGwqb76sU72iG9rSpAV0vIegX_SnQZE9nyyFhKj8YoQZgsk5yCoIm-tD6UKXMWg7eH11mgpYKN662q9sHZsBIU6WnD5ymeKSzNgL5xxgVYb4_639eKa8TwzwpG-I507xoljVEK7XKcLHnw_Wzzt9KCP2JhfGG-T5EOseS5MSioaQwbMrwHIjBoTdsj8PD0hf3Qv8-wtQJgJenpth9EMsDtIpV3BvBrszaN1bj180Pw0WFbFWgJsAqtBoYLE4svl7Nttel7O7PxtrPN3kFwDeBAL38C-nV2kWLZEFL0Wmk-vQMBR2Bq-xl-FACXxW4XHNcDtZbJhtSo7tx_jU5ICLQxf8aBjBVL7EcWdrV-0n_4Q-syzWTb8lWb0Ehe--Pd0zISqICmcDAlXd3lVOIYxEVMZjT9gVDmoxQq3muwzn_p_SmPVV5TWM-tpeFab-GYAYv8uR_srlreHnvy7u0yH0tCNx25UyJmkw9O7Q-OLQRx1GX-89vYgYhAQfcouBzHiRIiooyuQf-5crur7JHlggu6vgfqKZnniCpe7dNMnVCGNv6plIJq8naRWXzhYY6sT4-9UZF02yseIfcpKCm6zmIndsPaplgD46opKh05Jfl5jZx33qzvNkeVywf95GcYfmtzwsNDHW3ltxWjRY5_E-UXvEl5Ob-zncxkRy2vnMAnlZ9zvuqMolCzP-PN2-1bT8VH5dPh8xcGzX8tGI6iedcAwmaxOUvIJW-MMPMCh8W0BobVVhI4QKJ6NbFPPV4GK3sn-Up554PMafgCsTMVOrFaYx-ERJFgaS3497ZGkL_uptt29bJUAWt6QtKsCcHwsDbuVVTBAQ50j4R7gkvxx_SautzobYF9KAJz1Z2LK-jQQUrnC9xU_IAOCuemKSEH7wzSzKeyrYySmDttfgR7rRit1ZAs57Nv5F9f6GvTVjU4FS1w9rAEyoxRHnF6_7DoC3Fa_5bguIUxb2xWavdGFUThEyT8OhwIWbSkPiA8em1be2N46RubwLWxnJqYbkHYhHVAq1QBDezitk8hgv1TCjaToLjG5_lYFgyhc9QSSoWISElyMUPgVtXScXI3JtKhkJUVrn5u42_7ibK9za7WWfxx8AQGglFlIsGyYN_gFtAj_kAwknJzDXiAmZngy9O6t_8SAPlzQ-XFN4xInAxpVaTIlG7ohwyYiktXd2Dwoze2FCAmBp9e3OfJdOYWx4omBl0d8gIibNNpqVW_8Paq0kQuLZjs1eD6hHkBzClVu818MiFnTbYuiyUBTArqrpXXjVJppmHQiDh2w5nXKf68Z9y5h5kTwi4K7coxxauMpsoE38cR_RuPvXlN99F7KBiuD5MSPb6J-PMihNfgoFlVj62S7IBRk1WsyXFa7exd5N2jQU9M7Vji-pT_xLTBVl2teAVvo9kwWH8C9fsOPmKVsx0Ik4n5Emma1JjqACmhaxF3kaCbRHZu4wSI1cvrqK86VYTNkuVhG8UuGGCQUi8-1agTLYob2A3xwQEiWinNPjhJJ-oCtpbk7UyKCH7fRfUEHaG2cnxlrCNk4jtJP45YpXXqAs7vKQaY7v4JozLgnWEq56z3ggddXOvyBg8es1LRzzMDODKcml5q55008K3u6lGINk0JsaTKdouSkET0izH6EJREpb0leFg7mbF_Nyfiwl9_kKRMiHmzp55ubVxxcOpSeSMyFM265JfkFERDZh0qE7VZho1QQASSzE97xiEPW2Uz7NeCh5V0Jzx2iwufVi1S2tzRQRMoeOQwKmb-OX2CAI7PMed5ydn-y6ZTT6ygC0NI8u2FnN9x5MvtHiVotDV-4aSOl7gC63tsuKJMBkHDfIAhgFg8RzhmBAPqc1eLAaybHHtWd2Kiot9IZqW1Oba9ZJRuHOoWAAeItpFo6J0e9hrIDT_68rInNtNcR9VMtQT5TtPWvZfOghEJI6Uk1Tp0ZPm3HrTSh5EADHsvvGZACTqd7koIQ_xaHdjRi4FK02TfMVE2gXLK6ZmGZpMnaK065ZFDxh3oPL5jZWxHkzVn00YraLNULT1Uq_E0wH6EAsnQo3L6lTliM1oZtpUQrwS_-19t3krndYyFbe-GgBTlDFHi76RT-ERhSODCUDrIDzKcEEL6VhsBBPGCWuUHqFZ1Qf5AAE02aqZ5qp1_2cJHvcnlMl3b5ZVgbuKi0cmYfhgms-Sf2Pq&cid=CAASJeRoURv20Z6Y3F3HKcRI08XYUQpQe6DPQ5z0yHr3uudUwjy7vi4&vpa=auto&vpmute=1&vconp=2&sdkv=h.3.541.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=false&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.541.0&sid=DE1DE1DF-96C5-45BE-A9A3-ED97577C2917&nel=0&eid=44731965%2C44733378%2C44748969%2C44765701&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&dlt=1667011281055&idt=3962&dt=1667011285985&ged=ve4_td5_tt1_pd5_la5000_er6242.1190.6467.1590_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
cafe /
Resource Hash
b915d3a7813f6a53e5b8c0b1ea8076c1b5dc0e023e5c3717b1203755c7a03ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16686
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
66419882
unified.adsafeprotected.com/v2/1215946/ Frame 81A3 		20 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1215946/66419882?mon=66419885&omidPartner=Google1/h.3.541.0&apiframeworks=2,7,8&bundleId=&ias_xappb=&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssmI0AEoGqfMX6w-1xK6EL3qa8d_kZCpGWIeUM-tcJuDAIw0-3bdiVjhzWF6LXPHtes4jiHCW5J7bORa4gOT-P1jY_NOh2uD4j7FyJqGRn1loJqksfgceOvqq6YyB0m9Odn2Tn6IC_ofjTf1oDAIZ9jyJPSjL8g4tw%26sai%3DAMfl-YSjbAWte70PrG-Bu859YjNx_G35vGWEm1VoJKnOVBRyAU_JXmun7LI4xQ-KK5OH95rRbvU9Oaht9415WUtfEswuNK5HlJ_HYy58VWdYQY8kppNvzUInpoFbMifimfaw9A%26sig%3DCg0ArKJSzJXfdI2GMzGqEAE%26uach_m%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=3&ias_campId=1009465732&ias_pubId=&ias_chanId=1&ias_placementId=18585806795&bidurl=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jGizbQ-ziBFHONsVfqS-Lv&originalVast=https://ad.doubleclick.net/ddm/pfadx/N1439922.279382DBMTP-LG-MIGHTYH4/B28675465.348506651%3Bsz%3D0x0%3Bdsp_id_0_%3D3%3Bdsp_campaignid_0_%3D1009465732%3Bdsp_publisherid_0_%3D%3Bdsp_chanid_0_%3D1%3Bdsp_placementid_0_%3D18585806795%3Bdsp_bidurl_0_%3Dhttps://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html%3Bdsp_dealid_0_%3D%3Bdsp_impid_0_%3Dv4~~ABAjH0jGizbQ-ziBFHONsVfqS-Lv%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.541.0%3Bdc_osd%3D2%3Bdc_frm%3D0%3Bdc_adk%3D2458199627%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html%3Bdc_vconp%3D2%3Bdc_vast%3D4%3Bmpt%3Dstnvideo/player%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNjY3MDExMjg2MDc2CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdDFmVFdKbWczcnNyYXlCRW1MZ2swLWp3WGV6LXp1dk56Sk0xWi1PX1pPRHRlbnZ6UEZvMHNQczhiZzVJVUxoMFgwMnVOUF93V1ZZMHNMc1BhaFN0V2xYUFpvWm56VldkLVkxWmVZVUpDTE1KbmVpOTdlVi1JUlFqUjVMR3BPRm80eXdpSjAtRDhGaGZZeXVlWVVJYld6dWpkcE5vZVlPSXF2ckluT2FrLWxYYzFMaS1JMUtMZ1p4VTItMFd0NGZGdFQ2OEN3U0ZKVXh1YmJqbjBPRjRzX0dDWmVhY1lZZlRIZ2NIenRCR2NNRF9qQl9USE4xVkhrQ09NSV9EWnhxVVBpcTI1NGNUc3RrYi1nYVZTOTBBOGtXbFJqYkJVRmtpZVVndVZlTl9sY0lYQkVuNFdlbHd1TzdsSmMyUm1fY2NGREpxVDdia0xjcy01N1RjTkVqa1c1eFZhMUJMRWU0c1NDdXIwZWd3MF8wZzJJMjVUak1FdzM1QkxCUlU4QVlTSEpJTGJvd0ZuQ0tjQWpURHNlLWpCdVdjd0NGZnpYTENON09uZ0NqYmJfUFBqV0xJTE5oWHBIdnB4ek9tU1ZTR0dWQ0ZrNExzNzlBbUVvTE5KYlpqZnkzRk5DY0dta0pXZl92cklrOXNZWFVRZkRuanEyQmFxdkdTV0JROW9FYlhGRHlNamdQdmctdmh6T1J0WnFYRW9wMFVuM2dCbFZWOGtFZXh1TXU0NTBhem9XZDJPUGhmd2lJckJnR3RETFRJdldXbzFuMVpURjh5SlJWRFh6ejUybUthaGRiVGZEMVRrSTZwaEp5MS1wbEF1aFJBRDlWTHEyQ054ME96OXR2QjIyMmljLXZVbjdhemRWMUJxaWhzMk05QzJBV2E0X0xoLWdyQ0dERUVwSzlCcjRsb3FFRlAzTGptV2p4cHdiZ1c4a1BncDVQQy1SbmgzY2czazVEbWk3cmtpWXJ0SGZhTy1NWUtWTHJSZ2RPTnBGd1dhdUJuZjhTajhxUmVhcHlEczA2RnlIMWlaNk9vZEhmcVlYaDYxUDVMajY1eXZEN1lMcGRjZmRCLW45ZVphQzZfVExyOFNBbDVRaXY1Wm9VZFVOMEY1b0d0ZTNjSXMzRlU1ZnpfS3UyVHBzTWEtTEZaWV9fOEJGcGxXTXByeVBrQ0s2dm1QRzh2X3lfUk9Ma1c5OFBtemw1UDQwUWpYRzRnckk5bHRZRGxSTFYycGYxbkdoY01OX3g4NVVfMkRFZ1NFeUYxQWg1NlBRdHlNSElrNndLdGQ5Z05nNFBLb09kYkw4UDlQT1N0aUFIRVdxVnMyNGQtb1YtZTJSQmx2UC1xQnhQR1A5ay1pd1REUmpnZ3ZsMV9XQlJ1cWRUc1JSOUJ6eGlBVW10YkFYZE1VQUgzaUZ1RFdndFhvU1g2X3JONUJvcEV2SmNXMkNreWN6MG1PUmxpZmdtSkt4UFZUV1N3R1liRTljeGhVTkZBRU9NQ0szNWFtSHE1ZnM3U1VtVU5SNDVTMGZndUFKa01CYm5JcFNtMGZwTm1mRXREYW5TOS1tSnI2dGZOUG1DRURXWGs2TDlValItUVY5NDRFa1Q4QlJINU9TU094QXAxWGl1cjNIYTBuZnR2TnFjVzNzd041NEE5a0FOeDZWTjN2Y2F4NWxZbzZad3o5UVdSaXhpSTZock5LSS1ZelJhZ0NFdUEmc2FpPUFNZmwtWVN0akh0RkxPTGNPM05PZ0pnOTRVV1JBZXpkNFVhZmRrNHlSX2tDWW9wWDNNa2trNTBCd19hazFRV0lKWVl6WF9WUTIydkl3bXJqTHBrbktTVXF1VkhlaHBNRUIxTWhTbVpreldjTjRRbnVMVU5DaWdhem5aWWxQWElramJaTWpCb1ZxV1VKeWVFb2tvY2FhY2I4dW42YXNCcHFrNjNMR0UwUUY5cVFrYTNfSEJFMS0ybDVWY0VoMHdRZXJLVVM0RVJ5RnBlbHpDdDRqUGROSlJsdFlHU2Rac3pjTHRmaVNNX0FLdmpKJnNpZz1DZzBBcktKU3pMVDBCb3RZUEIzdEVBRSZjcnk9MSZmYnNfYWVpZD1bZ3dfZmJzYWVpZF0mdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cubGcuY29tL2RlL3dhc2NodHJvY2tuZXIvbGctbHN3ZDEwMGUlM0Z1dG1fc291cmNlJTNEZGlzcGxheSUyNnV0bV9tZWRpdW0lM0RjcG0lMjZ1dG1fY2FtcGFpZ24lM0RERV9TSUdfT1RIX0RFXzIyX1E0X0hTQURfRFYzNjAtQXdhcmVuZXNzLVByb3NwZWN0aW5nLVdhc2hlckRyeWVyLVNpZ25hdHVyZS1WaWRlb19sZy5jb21fRUVERy1QTE4tMjAyMjEwMDctMDAwMyUyNnV0bV9jb250ZW50JTNEZGlzcGxheV92aWRlbyUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D180088266%26dc_adid%3D540220267
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.85.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1031fe37ddf6e2dea43b692a085d3d13834d19476232256838682df634bf314

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:26 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
5761
overlaydata
www.thestar.com/api/ 		71 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/overlaydata
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f25cf42a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-46.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
f717b813543dbf43eed2e072a4aaa2eda4ef6f6fdaed98a1c30e4c4807acfde5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
gzip
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"11a4b-BblJkhso6ET0nChcemQFibLmQJo"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
Tww3aBCk5yyUdLWiXSPJ9mw-lVSrk8GCLd0qi_7w21O4ErMWxhrYLw==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102501&jk=907668147450411&bg=!gIOlg8fNAAZPh4lnb4c7ACkAdvg8WllclAJBXgxT6zuRuj9G8IyElS2R7gY1rTKM0xOxoZn4aXvhKQIAAABsUgAAAAJoAQcKAJt98D9qkmffWNTr_hO85dpmZWRWgZxDRgBbOSlCbY1Ib5JJa7_ArgGyKf2bkZg4w9LpxKuNzJ9MRAnfnYEP7WhwT5PcMEr7ZP1xRnKNvITJFd0mDmkXv2g9VS4CRbQTU1kwCkKLVHDZ448PU8so15ejPWYSebW8TztqE4sYuRZ-zPzlC0iZjVShbPfxxW6NYh7C8elNJWG53RGMxJkCo66n1O_IdGgJrEO9nV2BgriFzgxov7EjRJ6xCYgghSYCNVj0LY-_WX8XCTnWEmzRXNXAIw_heOd347pykbgC4FsL2dm6y8KemyBHJ-u8EBYcLbuuXIbGs3cm7d8cgOtB0gTNH-7lPTAhivpXnzlo6woWfpoL1Zy-h6XAqYiy-xe6_s7C4NYRe8KCflRY0KbJkTndT6b2sT8yNIvoVrb6BVd7OqLZiB2dI1fZODMe-Gd_57F9pSsfdmDysLOGZR0DfqXKBllacrAh4vzpzXaONiwjscpOBr9LT4veUO7ajfJkYybC9uhQlF-VjYSmVNYW583FEzvv_56J1cSjTuQqGlocnUvPCGaEd0ToztPskaQsVtslwQsrwDVyCGdIG_FXYhFEnUmDqg105-JyFDMjcAv6HuURDbxIug9arwptmz_Z8-pD4t7pBjmQrCDazEZUnNXv9dZ3YI6YdVso8Xeb2fmA7GZRAliTX77jtrEWlMHsZpve6agRanVEH4ms1EbulmRc8bqa7Mu6mGoTGo9kYk3HIdgRUIFJC4xd2D--IsWjL6vpGzwvoz0wsBTEMJY_ngLeBPz2Px-Ll9coVIMS20k1iX_JLddXpfDPwLfv1eqLabs6zBF_3v7Qx1FOEBRBYA85-b5ujzuxh5wUAlQ-uK_nF7PWPNfqnUtU1XUV5tJk7FpLmqf5UzBp5q7uxc9FrXW73iqbQV__mbq6jbgOqt0kXwYW9YU1KRY7srPBuafAa7Fxldx9t12g9XWaDqa3HVIXl9BP8ms8RDcHjb0M6BHasd8edmzH_NeM9aApJYc4zw9ZUslzntMpV43Jbyc5UrR1buhkW2lGSf9sFNwbm9tKq7ZhIvrgf5_2oths8sK2RG9B__lCEA4xxvVp8cQSiOGr4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 81A3 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l9tbh7l7&c=7269397462568&slotId=3634698731284&qqid=CL-ylfy0hPsCFcOSdwodEScLyw&gqid=1ZJcY96tKJeS3gPezYWQCQ&fb=ima_html5-lima&sdkv=h.3.541.0&ppt=stnvideo%2Fplayer&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=2.0&wta=1&ghmsh_eids=44731965%2C44733378%2C44748969%2C44765701&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 81A3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C28b71ZJcY__zKsOl3gORzqzYDPjTg_ZssryRtNYQl8-ivcABEAEg8ev7RmCV4pCCoAegAeSgwMIByAEFqQJUqVXC_LewPqgDAcgDE5gEAKoE_wFP0Bws4cALXjIPC9hFQcrZH3l82Zh41NTPjXsAdNMzr3hkCpa5dQx26qRh5QiO03YZJI66Pu-xTz2GpNs4rMv7m95ctCMzXBA5Z3QBFfbcI7D58UI7x9Y3GlX-6qXPO1RV1kLuj7XgjyMEKOabBAKQkOnUplkCUEwHpdbyHSGZxXzi9o_z39KyfFu-RsscgueMoeGOqTHzC06scE-VYTPfxM42e6EnDOd3q8-B3C6nDoxvvpPoY49ikz12R-84EY-a6RsPwmNTsPcsxRNFgsqR0VBAfvEj0iuIChZzahl6DozyZ5PNmzT-ZOwSUYGuTW8xWPeVWKruW55fbK3aPXzABKT1mtalBOAEA5AGAaAGToAHhN-_vQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUzMzAxNDY1MjgzNDQyNTiACgOYCwHICwGADAGwE6mj6xDIE4TzrOED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=ZQmFnFBGF0s&label=video_ad_loaded&sdkv=h.3.541.0&vci=[CREATIVE_PLAYBACK]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 81A3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C28b71ZJcY__zKsOl3gORzqzYDPjTg_ZssryRtNYQl8-ivcABEAEg8ev7RmCV4pCCoAegAeSgwMIByAEFqQJUqVXC_LewPqgDAcgDE5gEAKoE_wFP0Bws4cALXjIPC9hFQcrZH3l82Zh41NTPjXsAdNMzr3hkCpa5dQx26qRh5QiO03YZJI66Pu-xTz2GpNs4rMv7m95ctCMzXBA5Z3QBFfbcI7D58UI7x9Y3GlX-6qXPO1RV1kLuj7XgjyMEKOabBAKQkOnUplkCUEwHpdbyHSGZxXzi9o_z39KyfFu-RsscgueMoeGOqTHzC06scE-VYTPfxM42e6EnDOd3q8-B3C6nDoxvvpPoY49ikz12R-84EY-a6RsPwmNTsPcsxRNFgsqR0VBAfvEj0iuIChZzahl6DozyZ5PNmzT-ZOwSUYGuTW8xWPeVWKruW55fbK3aPXzABKT1mtalBOAEA5AGAaAGToAHhN-_vQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUzMzAxNDY1MjgzNDQyNTiACgOYCwHICwGADAGwE6mj6xDIE4TzrOED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=ZQmFnFBGF0s&label=show_ad&sdkv=h.3.541.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mjc1OTYyMzg2MDNAzQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDAyMjAyNjcyCTE4MDA4ODI2NkB7Cl4IARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gAioJNTQwMjIwMjY3MgkxODAwODgyNjZAtAFSHSUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 81A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C5Vw01ZJcY__zKsOl3gORzqzYDPjTg_ZssryRtNYQl8-ivcABEAEg8ev7RmCV4pCCoAegAeSgwMIByAEFqQJUqVXC_LewPqgDAZgEAKoE_AFP0Bws4cALXjIPC9hFQcrZH3l82Zh41NTPjXsAdNMzr3hkCpa5dQx26qRh5QiO03YZJI66Pu-xTz2GpNs4rMv7m95ctCMzXBA5Z3QBFfbcI7D58UI7x9Y3GlX-6qXPO1RV1kLuj7XgjyMEKOabBAKQkOnUplkCUEwHpdbyHSGZxXzi9o_z39KyfFu-RsscgueMoeGOqTHzC06scE-VYTPfxM42e6EnDOd3q8-B3C6nDoxvvpPoY49ikz12R-84EY-asRqt3mtpJsW-FJP3lmAjhtfbOk-4svskasb3HTtwrYbbfyc-L1Qu6jg6f5k-1-x15k5BcIb2iCv1eAfABKT1mtalBOAEA4gFy8-znkWSBQQIAxgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeE37-9AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcLELbc-wEYudK-1QHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTMzMDE0NjUyODM0NDI1OIAKA8gLAbATqaPrEMgThPOs4QPQEwDYEwqIFATYFAHQFQGAFwGyFx4KHAgAEhRwdWItOTUwNTgyMzc0Mzk3ODMzNxi54ig&sigh=dIUKXVdXZgM&cmd=Ch1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzNxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9EHaOBR1laDjiEDa7KbfqcYFdQTnqo4aRhwyOY3qwRXtc9DKYgASGIAWC0O_FEO16ggjq1p5AqyAT&vt=10&sdkv=h.3.541.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mjc1OTYyMzg2MDNAzQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDAyMjAyNjcyCTE4MDA4ODI2NkB7Cl4IARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gAioJNTQwMjIwMjY3MgkxODAwODgyNjZAtAFSHSUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 231C 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90e37f96c62c49f9d4f5c380a3c6dc781f016db921aa65dfb217536bad69254d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18668
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 11:58:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Sat, 29 Oct 2022 02:43:38 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1ADE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyvedo_zIHt_vg_CkzsUaXwTQhFfCnfKxz7iKXnA0hJcevvde-Z-pwPuytIVT49rV1jAh9xBsTMOgX4aHtpyHZNRZLB4BPrReGB6O1dd4C8r8glxpe-MHEUwnNSMncN1uSoZfTMENJzS69ytMeLCbcyCeL_nXw-UMZJCqt9pqVOKjLcKPODcESFsWz1UhtRBS1aGninUhbEZLExp8cqTUdT5JgfuSZah3kQkYTCVoWkuubUvnVapX5adP2sn7cR9fG8NlqXx9AJYMfaft6rWk81zy3fbxETs2nFa3929kFUP4VU-ZjefnO8N3yniKzM4BObyMYNROCgJQbuUQr8vFbJwK94AfRXypTn55svFsqXu8yEdqOrRuLRlFtXMxovAd6eYOFZmSEpxc80daOObGFDde2v-J41LIO64VbKxrewMDzMjCB0mfeSdpmzzC6s_x3o1PJ-gQ14fTWT-21ABl-p4uiblYiBfIJh4nCFMslLOy_youQNEBxfwDeeec5zFmIzCOLxd5-rW7Wi866VT3OtMOUDad-W6WOul588AVZtPs-ZxmRIxgi5VlgY-ahh5Kc_j3NCbLMYV49gM_Kz5cWS4YXcnGCzaI46599eQt4foKPjvIArCJPd8RQ_dP0KVI_c2UML_mGlfHBhJyxAgwz6gxOzKzKqy3VUpUnZQ5HUlicjqRLfLmsXGfByMUsgRSNjWnr4Td_VwbjGbP6Xa_mobL6jV_RpxP2QreKwwSE2Pus2IR0Jyjgd1U3ngocHbIlIoM2YbM_fxvoDMvR42_lmqeYoknbAK1ju7NxsLMACVSFjCxyPlOR10ptj0S0SFm2uh0tvAmxYzRpWCb-RJqrPtiV9I1v5EJkZdC8mGKmQUunZHZYlTvzno5mDOrrUDh39oN3u5u7zZB75OmCRYW8V-1niS9SgXjvIsSozeGUc3zGueAyOWC5HBjZqXeMt1sOqVAiYFYya7aPUYsqiXUqieCeuRqE-lAhWIesX_UZnylOuKbk455_Uy2i8lN3Xg3w0DDOEPtndv8bBrkfh4H9Sl_2MA0cXDyOf6LKCcDonD66mpCgoSmIgSKzF4E9zhaFjqnR2pErfLsXU_Bc6b2sqWxavzbLTuYivvN7RCCTInGACkO2O1ytg28quoVYSroxGeJr2udDuCQkq6ga_pQm4LniMNclwpKVl7ZPEno75LjirYlX_Zfr&sai=AMfl-YSUwdKsInXky_tRttqSH273EH0yLm1_FxidYn2v0_S5D8JBUSPeATN7PqnwFx-VnyE9R8cbjEo0m9Rf5r1wAeea9jJK5juoz6einxCW74MERolXhWN0jx3EXaloTviN-G0071gHIlsiky0U-4n401dfEnkE1LeiTReYEw&sig=Cg0ArKJSzGAPtX1D-PlMEAE&cid=CAQSTADq26N9h-cgx9EGi8RwKtjScJHwINgucz7BX3_tzy-Dv809HEx7KEEJEwIs2SWYMJsOcY1DfPl61US7fGlmS29en6d_heW4cYclZGkgEw&id=lidar2&mcvt=1001&p=10,436,100,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1.23&if=1&vu=1&app=0&itpl=2&adk=2804206232&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667011284606&rpt=724&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load-cookie.html
elb.the-ozone-project.com/static/ Frame EBEF 		12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283466&bidder=ozone
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-length
11885
content-type
text/html; charset=utf-8
date
Sat, 29 Oct 2022 02:41:26 GMT
expires
0
last-modified
Mon, 24 Oct 2022 06:10:56 GMT
pragma
no-cache
vary
Origin
load-cookie.html
elb.the-ozone-project.com/static/ Frame 60CF 		12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283639&bidder=ozone
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-length
11885
content-type
text/html; charset=utf-8
date
Sat, 29 Oct 2022 02:41:26 GMT
expires
0
last-modified
Mon, 24 Oct 2022 06:10:56 GMT
pragma
no-cache
vary
Origin
vpaid.2022.10.07-15.18-3efd938.js
static.adsafeprotected.com/ias/v1/ Frame 231C 		179 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2022.10.07-15.18-3efd938.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da36a515f178882982b5a6f31b13d35338b0e146b38e2562cdbd6a763e6302aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
k_P7PQ4geL4w_ortwjqVJq48ArnCjcpo
content-encoding
gzip
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
date
Tue, 25 Oct 2022 03:40:04 GMT
x-amz-cf-pop
FRA2-C2
age
342083
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 07 Oct 2022 16:09:07 GMT
server
AmazonS3
etag
W/"e4165a8e1541d2129e283efbca8e75c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
WJiwpJ0_eiJu0q46OQglK6KQUTmviuFCCfGSkgWGCHM87bUtAI1zsw==
RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
237a90f3a06b5a034ab8716f6c5ecb54d973748ca969933af09b3997e4f1c75d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:42 GMT
x-amz-version-id
n1aco0Zm2pfpAZ.jU1tGSrAIPh32QZxk
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"4158b77c015639080481727b423066b8"
age
525
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
BImH0KUOhXFj_4a7zEv-Y1eFfiEey-k5_0Kf7CSYsxheEXBxrMAsRg==
cookie_sync
elb.the-ozone-project.com/ Frame EBEF 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283466&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
640c18566ee861883c41bfb49146c6fb048008b7281bc839040b2c64377c1356

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283466&bidder=ozone
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
513
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/513?referer=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&bcsessionid=ceee2f53-c349-4974-ba57-3002e5aee1d8&bctempid=&overruleReferrer=&time=2022-10-29T02%3A41%3A26%2B00%3A00&ts=1667011286685
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-22.fra2.r.cloudfront.net
Software
- /
Resource Hash
cdae3c6e7a64f9edc7f5a3891428c6082f7b08328d5133ce9f6fcda6f9536f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2597
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
9BSwllaZEa2gMyHOxV7D_QuV2qo_QAjLQAArOWdsdhErZ9ggXcrMZQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie_sync
elb.the-ozone-project.com/ Frame 60CF 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283639&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2a9c17fae0a6e3fde4571b86838f25c42312203d5c5c5acdbbfd36e97e36f78

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283639&bidder=ozone
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4536031174513561289
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4536031174513561289
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:26 GMT
AN-X-Request-Uuid
084d7104-df02-47b3-9ba5-04a8360bd4bd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4536031174513561289
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/db2/video/1215946/66419882/ 		40 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/1215946/66419882/skeleton.js?videoId=175439dc3c1096b2cd9e7533db8ed665&adsafe_url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&adsafe_type=abdq&adsafe_jsinfo=br:c
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.10.07-15.18-3efd938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.163.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-163-202.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
gzip
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin
https://www.thestar.com
access-control-expose-headers
X-Server-Name
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/javascript;charset=utf-8
timing-allow-origin
*
skeleton.js
pixel.adsafeprotected.com/fwjsvid/st/1215946/66419882/ 		238 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/fwjsvid/st/1215946/66419882/skeleton.js?videoId=175439dc3c1096b2cd9e7533db8ed665&adsafe_par=&apiframeworks=2,7,8&bidurl=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmI0AEoGqfMX6w-1xK6EL3qa8d_kZCpGWIeUM-tcJuDAIw0-3bdiVjhzWF6LXPHtes4jiHCW5J7bORa4gOT-P1jY_NOh2uD4j7FyJqGRn1loJqksfgceOvqq6YyB0m9Odn2Tn6IC_ofjTf1oDAIZ9jyJPSjL8g4tw&sai=AMfl-YSjbAWte70PrG-Bu859YjNx_G35vGWEm1VoJKnOVBRyAU_JXmun7LI4xQ-KK5OH95rRbvU9Oaht9415WUtfEswuNK5HlJ_HYy58VWdYQY8kppNvzUInpoFbMifimfaw9A&sig=Cg0ArKJSzJXfdI2GMzGqEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&urlfix=1&vt=13&adurl=&ias_campId=1009465732&ias_chanId=1&ias_dspId=3&ias_impId=v4~~ABAjH0jGizbQ-ziBFHONsVfqS-Lv&ias_placementId=18585806795&mon=66419885&redirectedRetries=0&xmapp=0&xmtp=v&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b&logTestResults=false
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.10.07-15.18-3efd938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.163.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-163-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf5583ae55e3a6a77b3f6c9e6d5648a2698c18fbc33e589c008a232c5721906e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
AGSKWxXldbvRMx-JGY7DqCANmJgdyk2ojbO841S0olAwqg1Bys8kdOHtqx1cVusBNtvROHvW5kZfygvQbCWaVxRDhdE=
fundingchoicesmessages.google.com/f/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXldbvRMx-JGY7DqCANmJgdyk2ojbO841S0olAwqg1Bys8kdOHtqx1cVusBNtvROHvW5kZfygvQbCWaVxRDhdE=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9eb57e5681a18447f92f6af08e4fd435589ae40b1be32c6b3d15bc3e7db2852e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-reQO5mWOFKT5O3NnumuD0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-reQO5mWOFKT5O3NnumuD0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
RC5e3aa078185a404a90c26089a206fc93-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RC5e3aa078185a404a90c26089a206fc93-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acd01dce23abc93e39fba172ec383983448699bdd3d04892a3747cfffbdfb1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:43 GMT
x-amz-version-id
OwYwLU5XFp908nX8R_1KAOs.DHBgaKd2
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"39cbc42ac620e98c3bbf946f770b64b1"
age
524
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
vFj29o_CR1EGDIE8cfETB2qkByCsmwSvXJdZYFsaOPXtKkRGquzBrw==
file.mp4
r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,ita...
1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/29BCEF4BE15B1D84FAF2BB3A342B844B33CB348A.0D4D8A01BA09C7F1FB0C3F97AD79A2EC162F9352/key/cms1/cms_redirect/yes/mh/bt/mip/2001:ac8:20:3c00:1012:47c7:791a:5595/mm/42/mn/sn-4g5lznls/ms/onc/mt/1667011242/mv/m/mvi/2/pl/49/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:26::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Oct 2022 13:37:42 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1426450/1426451
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1426451
Expires
Sat, 29 Oct 2022 02:41:26 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/29BCEF4BE15B1D84FAF2BB3A342B844B33CB348A.0D4D8A01BA09C7F1FB0C3F97AD79A2EC162F9352/key/cms1/cms_redirect/yes/mh/bt/mip/2001:ac8:20:3c00:1012:47c7:791a:5595/mm/42/mn/sn-4g5lznls/ms/onc/mt/1667011242/mv/m/mvi/2/pl/49/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=551361706835419416
0
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=551361706835419416
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=551361706835419416
date
Sat, 29 Oct 2022 02:41:26 GMT
content-length
0
events
pixel.thestar.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.89&r=stable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1430:9001:8e3d:635c:9121:4ea8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Sat, 29 Oct 2022 02:41:27 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&rl=&if=false&ts=1667011286777&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667011286769.1209423815&eid=ob3_plugin-set_7e73f5497e9045db6928e6da36b26b72bfe475534ccf9b33651bedb659c47dad&it=1667011283844&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Oct 2022 02:41:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
events
pixel.thestar.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.89&r=stable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1430:9001:8e3d:635c:9121:4ea8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Sat, 29 Oct 2022 02:41:27 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549886031832745&ev=ViewContent&dl=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&rl=&if=false&ts=1667011286780&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667011286769.1209423815&eid=ob3_plugin-set_a0f1bf969545a60ca91cb110750de952cdbf0da9864b55e31daeea9519301b9c&it=1667011283844&coo=false&exp=b2&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Oct 2022 02:41:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
RCa6dc995f35d846ffa0ea0a5d7a7a1c2c-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		974 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RCa6dc995f35d846ffa0ea0a5d7a7a1c2c-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b115eded3cbf42d9eaeb7eb93245610cf4405958b26131528dd8e3f3d4aa7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:43 GMT
x-amz-version-id
jo_0zUwpQd5F5EXJOSrNogobFOCUz1C2
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
524
etag
"e3f6a06f5ba9f9b2a888c6e019319a3c"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
974
x-amz-cf-id
fWGfO0uuzDRZzpeRmggI1Gv1iFxFxGGMy_M1OAHyCGLHhDUtE7sSDg==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230035-FRA
RC518669eb80134c629229b164ea843f63-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64aa9f492840eeafcbb65a7d47f7027ad0a0e785f0a33a7ef1b207b41f0336ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:44 GMT
x-amz-version-id
ILB8Jzf.bvjrhdc8Q5zeOttKCLXu8TwF
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"11d707b348f90f869427f89f8c50cc06"
age
523
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
jnSCdOY7lgTGc5adKeqbn8pmU9Y2KCuu7S_jlEK8PCb7-lLQnJfxrA==
js
www.googletagmanager.com/gtag/ 		195 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1ab2a507e5548851a01f55b30ef7403e0ae2eaffedd20e0b23e3b7bdc2dc92a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71161
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 02:41:26 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10230056
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2ab331288897ed4c8f539dae2b2b9b452ccca730ca25774b39178e8369365b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44019
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 02:41:26 GMT
js
www.googletagmanager.com/gtag/ 		195 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcb5373062af32e61b428c7760f6bf45f0c0c8ad7f115b707fa0046e4f2b3a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71228
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 02:41:26 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64432269790b75b1159ec0211eaeb3584c288a71ba667d88462c32085f0848fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44082
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 02:41:26 GMT
RCdd630314d8a144ce818cf865b37c1fd3-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		1 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RCdd630314d8a144ce818cf865b37c1fd3-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
285fda095be94d61c83cc1751d34491a83b2c4c524b7d02a382d893d5d3e2ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:33:04 GMT
x-amz-version-id
OM5EHAieBswZxDvfBGs1jtdUu1GpeA3B
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"436378cf318dee58e9e029ec8b1b593d"
age
503
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
y5P3OSX_wXVHnWF6QsRIjXiCGeepfUosoZ3Ha3KO-v0lkOaT2wAQ8w==
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=db35623b-072d-445e-9881-1e18671d51e2
0
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=db35623b-072d-445e-9881-1e18671d51e2
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=db35623b-072d-445e-9881-1e18671d51e2
date
Sat, 29 Oct 2022 02:41:27 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
151
content-type
text/html; charset=utf-8
activityi;dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2...
10230056.fls.doubleclick.net/ Frame A14C
Redirect Chain
  • https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F0...
  • https://10230056.fls.doubleclick.net/activityi;dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww...
476 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10230056.fls.doubleclick.net/activityi;dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
c9d29a3416619ea2d17e58aea9851733f7564756316c0c0866ed361ef1e3fe12
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
377
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:27 GMT
expires
Sat, 29 Oct 2022 02:41:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10230056.fls.doubleclick.net/activityi;dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5cf17e004a172d469b4420142e8ced5c0c058c85e8adee76f00c0074d3e2447

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"d46ca479169e57f877e12fcf654873be"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1146
RC6284bbb1cc994fb4b8528a0dd4437cfd-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RC6284bbb1cc994fb4b8528a0dd4437cfd-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
649cffc7be27b75904c93769d7355583eb2513428adb5ed51173d6b2170c9d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:44 GMT
x-amz-version-id
rl6tKr60t6ost0NKOa0bMkXzlxn5dHlG
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"dcde4a0b16803f566fd956811dcc945d"
age
523
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
GZc6pfpI-P5C3TvjYi53zq9fTDUf7aWVU2DPtQkvzTXzA5v4iDVXVw==
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b128fbe7-3ea1-4859-b089-8d7f4d3f6ec9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8197a59f-7279-49f9-b1e4-02cd34b454cd&tw_document_href=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time
106
date
Sat, 29 Oct 2022 02:41:26 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
95c167460594e939
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
4ab9a6bd18c6243b98a069af2dd16abbe00921070819a39527d6ba7f8a20841c
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b128fbe7-3ea1-4859-b089-8d7f4d3f6ec9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8197a59f-7279-49f9-b1e4-02cd34b454cd&tw_document_href=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time
103
date
Sat, 29 Oct 2022 02:41:26 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
fd294e9d7e030f5c
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
7956146170dc049f203a3b67d494d89c323cf9de4fb68271fb5cb2f7c42363aa
content-length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1667011286905&cv=11&fst=1667011286905&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&auid=1773267981.1667011287&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15010aaf65ff11ab726c1114434ae8c6636ee332cd68613f969eccf8ce968380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/db2/video/1215946/66419882/ 		92 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/1215946/66419882/skeleton.js?ias_callback=__IntegralAS_6fede1e4f25fd5473742040a073b5b65_7461&videoId=175439dc3c1096b2cd9e7533db8ed665&adsafe_par=&apiframeworks=2,7,8&bidurl=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmI0AEoGqfMX6w-1xK6EL3qa8d_kZCpGWIeUM-tcJuDAIw0-3bdiVjhzWF6LXPHtes4jiHCW5J7bORa4gOT-P1jY_NOh2uD4j7FyJqGRn1loJqksfgceOvqq6YyB0m9Odn2Tn6IC_ofjTf1oDAIZ9jyJPSjL8g4tw&sai=AMfl-YSjbAWte70PrG-Bu859YjNx_G35vGWEm1VoJKnOVBRyAU_JXmun7LI4xQ-KK5OH95rRbvU9Oaht9415WUtfEswuNK5HlJ_HYy58VWdYQY8kppNvzUInpoFbMifimfaw9A&sig=Cg0ArKJSzJXfdI2GMzGqEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&urlfix=1&vt=13&adurl=&ias_campId=1009465732&ias_chanId=1&ias_dspId=3&ias_impId=v4~~ABAjH0jGizbQ-ziBFHONsVfqS-Lv&ias_placementId=18585806795&mon=66419885&redirectedRetries=0&xmapp=0&xmtp=v&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b&logTestResults=false&adsafe_url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.thestar.com%2F&adsafe_type=f&adsafe_jsinfo=,id:6fede1e4-f25f-d547-3742-040a073b5b65,c:soEQG1,sl:na,em:false,fr:true,thd:1,mn:jsserver-primary-79666768cd-64th7,rg:ie,pt:2-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tlChtrN+1*.1215946-66419882%7C11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:23,oid:2f61f1ab-5733-11ed-9276-3a757825269d,v:19.8.359,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/1215946/66419882/skeleton.js?videoId=175439dc3c1096b2cd9e7533db8ed665&adsafe_par=&apiframeworks=2,7,8&bidurl=https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmI0AEoGqfMX6w-1xK6EL3qa8d_kZCpGWIeUM-tcJuDAIw0-3bdiVjhzWF6LXPHtes4jiHCW5J7bORa4gOT-P1jY_NOh2uD4j7FyJqGRn1loJqksfgceOvqq6YyB0m9Odn2Tn6IC_ofjTf1oDAIZ9jyJPSjL8g4tw&sai=AMfl-YSjbAWte70PrG-Bu859YjNx_G35vGWEm1VoJKnOVBRyAU_JXmun7LI4xQ-KK5OH95rRbvU9Oaht9415WUtfEswuNK5HlJ_HYy58VWdYQY8kppNvzUInpoFbMifimfaw9A&sig=Cg0ArKJSzJXfdI2GMzGqEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&urlfix=1&vt=13&adurl=&ias_campId=1009465732&ias_chanId=1&ias_dspId=3&ias_impId=v4~~ABAjH0jGizbQ-ziBFHONsVfqS-Lv&ias_placementId=18585806795&mon=66419885&redirectedRetries=0&xmapp=0&xmtp=v&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b&logTestResults=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.163.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-163-202.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a605aec959dfc10aa9d50b22668653b7674bc031458f1eb202f7eddc0520605a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
content-encoding
gzip
server
nginx
x-server-name
app02.ie.303net.net
content-type
application/javascript;charset=utf-8
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
sca.17.6.2.js
static.adsafeprotected.com/ Frame FE04 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
3236710
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
wDkqHWgBRLJQv_fiQ9GJiSdKCzkl6tIiwlyIzW2Mm2DNPKwkFWYwnQ==
v1
match.sharethrough.com/FGMrCMMc/ Frame 60CF 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.67.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-67-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
file.mp4
r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,ita...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D854B60A637339D7304F7913020B7272F603A78.80C99930E76C927B14441B85EE6C4B7A72924578/key/cms1/cms_redirect/yes/mh/bt/mip/2001:ac8:20:3c00:1012:47c7:791a:5595/mm/42/mn/sn-4g5lznls/ms/onc/mt/1667011015/mv/m/mvi/2/pl/49/file/file.mp4
Protocol
H3
Server
2a00:1450:4001:26::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
822ebeed4c3acf180cf98318ea3bbde5ff0743badc21cd6b5adc55dc9de9dec3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:37:42 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-1426450/1426451
cache-control
private, max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1426451
expires
Sat, 29 Oct 2022 02:41:27 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5lznls.c.2mdn.net/videoplayback/id/685bea62462dab42/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809943550/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D854B60A637339D7304F7913020B7272F603A78.80C99930E76C927B14441B85EE6C4B7A72924578/key/cms1/cms_redirect/yes/mh/bt/mip/2001:ac8:20:3c00:1012:47c7:791a:5595/mm/42/mn/sn-4g5lznls/ms/onc/mt/1667011015/mv/m/mvi/2/pl/49/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
de0acfdc3e86b8f679ef49d8b39747699233dcb3916df1362be590728ae244dc

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 81A3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 11:28:47 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 81A3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C28b71ZJcY__zKsOl3gORzqzYDPjTg_ZssryRtNYQl8-ivcABEAEg8ev7RmCV4pCCoAegAeSgwMIByAEFqQJUqVXC_LewPqgDAcgDE5gEAKoE_wFP0Bws4cALXjIPC9hFQcrZH3l82Zh41NTPjXsAdNMzr3hkCpa5dQx26qRh5QiO03YZJI66Pu-xTz2GpNs4rMv7m95ctCMzXBA5Z3QBFfbcI7D58UI7x9Y3GlX-6qXPO1RV1kLuj7XgjyMEKOabBAKQkOnUplkCUEwHpdbyHSGZxXzi9o_z39KyfFu-RsscgueMoeGOqTHzC06scE-VYTPfxM42e6EnDOd3q8-B3C6nDoxvvpPoY49ikz12R-84EY-a6RsPwmNTsPcsxRNFgsqR0VBAfvEj0iuIChZzahl6DozyZ5PNmzT-ZOwSUYGuTW8xWPeVWKruW55fbK3aPXzABKT1mtalBOAEA5AGAaAGToAHhN-_vQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUzMzAxNDY1MjgzNDQyNTiACgOYCwHICwGADAGwE6mj6xDIE4TzrOED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=ZQmFnFBGF0s&label=vast_creativeview&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D6242,1190,6467,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D1429%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D272108025%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1667011284561%26ptlt%3D1667011287011%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1667011286334&sdkv=h.3.541.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mjc1OTYyMzg2MDNAzQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDAyMjAyNjcyCTE4MDA4ODI2NkB7CmMIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gAioJNTQwMjIwMjY3MgkxODAwODgyNjZAtAFSIhAEJQAAoEEoAToHdW5rbm93bkIHdW5rbm93bkj3BFAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=215236292&version=7.10.0&age=221029&ldt=OPENVV&key=uxXdqAB3&c_id=4204&seq=1&order=7&absoluteTime=6453.5&relativeTime=2710.7&sm_id=2327069&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFDMNIY&ac_id=2008&percentViewable=0&technique=IntersectionObserver&viewable=false&viewportWidth=1600&viewportHeight=6477&elementWidth=400&elementHeight=225&iframeContext=on%20page&focus=true&type=change&counter=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=215236292&version=7.10.0&age=221029&ldt=OPENVV&key=uxXdqAB3&c_id=4204&seq=1&order=8&absoluteTime=6454.3&relativeTime=2711.5&sm_id=2327069&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFDMNIY&ac_id=2008&percentViewable=0&technique=IntersectionObserver&viewable=false&viewportWidth=1600&viewportHeight=6477&elementWidth=-1&elementHeight=-1&iframeContext=on%20page&focus=true&type=change&counter=2
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1215946&asId=6fede1e4-f25f-d547-3742-040a073b5b65&tv=%7Bc:soEQGO,pingTime:-2,time:71,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6388,beZ:6390,mfA:6392,cmA:6394,inA:6394,inZ:6400,prA:6401,prZ:6408,si:6411,poA:6413,poZ:6434,cmZ:6434,mfZ:6434,loA:6444,loZ:6445,ltA:6459,ltZ:6459%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:v,w:0,h:0,t:22%7D%5D,vv:-1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:72,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:22,wc:0.0.1600.1200,reas:v,bkn:%7Bpiv:%5B63~1%5D,as:%5B63~na.na%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:u,tt:fwjsvid,dtt:0,fm:tlChtrN+1*.1215946-66419882%7C11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:env,siq:24,slid:%5B%5D,sinceFw:46,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:3796:5ca4:dcab:6108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.google.com/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/698108511/?random=1667011286905&cv=11&fst=1667008800000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=428681506&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/698108511/?random=1667011286905&cv=11&fst=1667008800000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=428681506&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7KPA9H6C8J4EI5HJ3SG&lib=ttq
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b1404a29e9637a450a7d52116425d9d0a36f0d56f0fe41fb4bcfe172cc739a1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
x-akamai-request-id
3064ffaa
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202210290241275AF99BCD214B6A1F4C4A
vary
Accept-Encoding
x-cache
TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
94,2.16.186.238
x-tt-trace-host
012bbcf7ec4f7fdeaa2588a6c8b311759f8d906f42f9e255d0c9cdf1b9970209f3574133a8662b25421bfed9f9857dc8d4860639ac7af54fbd0c27172bb2597871965c5497fd3ce9127675e436e46e8d96
server-timing
inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
expires
Sat, 29 Oct 2022 02:41:27 GMT
RCcf6c41d85a5d48ecbc8941416ef1057a-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		981 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RCcf6c41d85a5d48ecbc8941416ef1057a-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66af53f8ed114c754912049efd31ee3e35b9ee0dc8728a12a26a0352fe37336f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:44 GMT
x-amz-version-id
3_BztrGC_n1e.xX0dNkewEexSL2X8uXg
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
524
etag
"d79c5c28ab1b60cfa114963f4d2a39e6"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
981
x-amz-cf-id
nj5gEgrGJyEvMfead_ghTn39ZXpGjLUtnntBVUXF0PRda2DLz8jBoQ==
dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-...
adservice.google.com/ddm/fls/z/ Frame A14C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html
Requested by
Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CK-V4vy0hPsCFQEkBgAdTboEFQ;src=10230056;type=ret01;cat=land01;ord=4375100563417;gtm=2odaq0;auiddc=1773267981.1667011287;~oref=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10230056.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 43B0 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
405660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 10:00:27 GMT
expires
Tue, 24 Oct 2023 10:00:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 29 Oct 2022 02:41:26 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4CC717245A6443EA99D5BE774E03FD90 Ref B: FRAEDGE1509 Ref C: 2022-10-29T02:41:27Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11376
RCfc98541866c44adc8969609b572bc808-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		1 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RCfc98541866c44adc8969609b572bc808-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ed44361ecf8a46e0a3a35ca60e0369a8017666f0f8560f84d3abdac423ddb30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:45 GMT
x-amz-version-id
u6EFOhMaDxUr4NKzJbBTAbDotivttTwv
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"648359063fb0149183293a407e6db9b1"
age
523
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
tC0HNPmCk73jN6t5SJdWr_FWpFwyo8kttiGlQvFwm2IV5Ny5U_B53A==
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-VOwn.8FE2uEvuT4iBmDXHrdQnj48M4gxGjaL7ZM-~A&gdpr=0&gdpr_consent=
0
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-VOwn.8FE2uEvuT4iBmDXHrdQnj48M4gxGjaL7ZM-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-VOwn.8FE2uEvuT4iBmDXHrdQnj48M4gxGjaL7ZM-~A&gdpr=0&gdpr_consent=
date
Sat, 29 Oct 2022 02:41:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
main.961e55a4.js
s.pinimg.com/ct/lib/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.961e55a4.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2a53f5aa7aeb6a6604f0f76118b575bca4f1ee489fe84f2d996d2b32499552ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"b9be241e8240e73bb66301c5815d5b3b"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
20740
pixel
ap.lijit.com/ Frame EBEF 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 29 Oct 2022 02:41:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		997 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
647
date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 22:31:50 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=54332
accept-ranges
bytes
content-length
471
RCe46cbcc54abd406cab4e76bfe42b5d04-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/ 		1 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/RCe46cbcc54abd406cab4e76bfe42b5d04-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc6529e585ff0071885efee9c77da4fa34a7d83313f66f4a0841a5d5130f9cbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:32:45 GMT
x-amz-version-id
vvpAfNwdpjxIb_jBLqmxWGRWa2U60Krk
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 02:32:00 GMT
server
AmazonS3
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"9a9fec832a15b6971d71a0c5742fe79a"
age
523
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
RksBsRacgvDhEQ6IqRLMTmbWii1xR-cPNrXh6iCgpFIW_QZydRCiCQ==
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame 43B0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Oct 2023 15:43:18 GMT
pixel.js
www.redditstatic.com/ads/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 19 Jul 2022 22:48:09 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"95212d33cfff78ad59f5af5b20c48c53"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7722
13008914.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/13008914.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Oct 2022 02:41:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ECE8B9FDEDBC4541A82972871FCCBF6E Ref B: FRAEDGE1509 Ref C: 2022-10-29T02:41:27Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=200454b8-b4c5-44e6-a2f4-b8bb283e1fa4&sid=2f91ba00573311ed960fdb323ff5a98e&vid=2f91fb50573311eda6fe09a1d3d04a98&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&kw=Toys%20R%20Us,retail,bankruptcy,Asia,sell&p=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&r=&lt=4945&evt=pageLoad&sv=1&rn=897813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Oct 2022 02:41:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B47E7955A68488F94FF07D774C882F1 Ref B: FRAEDGE1509 Ref C: 2022-10-29T02:41:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=6a29b9e4-982b-41b8-9a1e-f22d90afd278
0
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=6a29b9e4-982b-41b8-9a1e-f22d90afd278
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=6a29b9e4-982b-41b8-9a1e-f22d90afd278
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
s7jim3bbou8ccqahtvq5ae1r00ajuikh
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 21:02:26 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=31723
accept-ranges
bytes
content-length
3063
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1667011287179&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=b591c3d1-55fd-4aca-b537-e72066180046&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
cookie
cm.adform.net/ Frame 60CF 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
server
nginx
content-length
43
content-type
image/gif
/
ct.pinterest.com/user/ 		539 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612846434758&cb=1667011287195&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.961e55a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.8f6656b8.1667011287.a09ab19
x-envoy-upstream-service-time
1
content-length
377
x-pinterest-rid
1748411488206857
pin-unauth
dWlkPU5tUXdOMkZqTlRRdE9USXdNUzAwTnpFNExUazVNMlV0WWpsbU16VXpaR0UzWW1OaA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22961e55a4%22%2C%22epikDataSource%22%3Anull%2C%22derivedEpikDataSource%22%3Anull%2C%22unauthIdDataSource%22%3Anull%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667011287197
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.8f6656b8.1667011287.a09ab1a
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
1474225181776336
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1667011287203&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1667011287203%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252Fbu...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1667011287203&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.ht...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1667011287203&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.h...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1667011287203&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&liSync=true&e_ipv6=AQK-LJ0cDycisgAAAYQhnZqM2OF6zs-vHHXQU5T-xfAQQ-pQuqN0Q154WvlwN3m0jrgUnNvkMb0EHdu8EL-csYMoKCccIQ
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 57A97F82D1FE45B88B2BDE7B76EB07C5 Ref B: FRAEDGE1115 Ref C: 2022-10-29T02:41:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsI0+m1DeS31BwtIiiqg==

Redirect headers

date
Sat, 29 Oct 2022 02:41:27 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 468B35D67DFB47C7A0B6131D0E5078B5 Ref B: FRAEDGE1111 Ref C: 2022-10-29T02:41:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1667011287203&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&liSync=true&e_ipv6=AQK-LJ0cDycisgAAAYQhnZqM2OF6zs-vHHXQU5T-xfAQQ-pQuqN0Q154WvlwN3m0jrgUnNvkMb0EHdu8EL-csYMoKCccIQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsI0+ji+l6+aLs0I0mEg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 43B0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.541.0&bgai=BD8cr1pJcY82fA96AkdUPg7CziAQAAAAAOAHgBAI&bg=!7-yl7KjNAAZPh4lnb4c7ACkAdvg8Wgk69OsZSzeiKpOD-3cWRzeLCbUSDcyvCPoyDglPUhernM7KZwIAAACAUgAAAANoAQeZAsEQ6xkFifDmZBSDvxdyd34TcYYn3quSsh7iIlb0AsmhZLMUim8WGXxsWFnQpsK_qGQGjgrW_sFjU7p18rWX8jgYVmXbiditCvZdseQuHoEyamFScMFH6Cor-477bBM0VtlAW_etx_pF-bx3SNuNDdNzXjW8ZwvqpDvdWcAHOY4drL7WIcZL-OzgodTC2x2eAQY2K6UaYWdxz9IMzoPld6UW42qBvV0a4QmB9hN6008bgxhiSAZ0QEDV8d5or2kXz2XRR_eCvc-GUoAmRH-EepiqcEKGM5hFxgcgzUq8wia4HfIQgVPZ-XuTDjyyekgMLPQhdGMTyvHbGmDajIyNxH5B5eec2glE_t9knHtHdKcvpc3KqhjyvjXNJYXeXWbnJhDex0v9kL7ZK5cWU0j7NpraolCM1vJaV-OmmTFBvSSmKJo6Z_X800FX12SV_h-sQ7ff_zJSdiPa-5gUNU2-wZDTP8ZbUFk12_hXBV3xiVrfkdgff5zW-eYCJZuQf8-gxMmko60MGFgjI0qBYFvJyulwRlf4wnNbghoErnrJox9439gjh6er_8dOJZaeZLYvk0zaw4G6Ssb_4CN8fMy8l76rJdM_5obFGEOC3pWqhCa7rK0aVYryEQt6uYxMDzy9FBziS3nEGaum6ZWzw5i6fwPxorvebPWRecp65NxVefnkbtWLifykqXdy1cUnU821sWS1If9_joNLZegqV_fKNUwCuarjrYrq7UYQTRukHunEtN18RJaW2E2KuZh6TLk7xX2nR7m3p4vPMtZS3vfP8XVXiA0Nd6M8fVYj7LfywfrhCINSr6r4fGJF7CPlfQfiPtwFviFwcMJntpxV9qd2KElgG2VMeO-epEf32mqvouAExQTlRCxwlS2Eiaaf6crvYIUIouxj922wnWuxuANkBQjo9K93gG_73N7fdOsYe1hecIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7KPA9H6C8J4EI5HJ3SG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
x-akamai-request-id
30650006
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202210290241275AF99BCD214B6A1F4C6E
vary
Accept-Encoding
x-cache
TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
92,2.16.186.238
x-tt-trace-host
012bbcf7ec4f7fdeaa2588a6c8b311759f8d906f42f9e255d0c9cdf1b9970209f37c05083e7d533dab0a59e94bb9bc9a2dc83a35da8675caed7efc744470123d9ef70705416acb4b8105eb0e711536f58d
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=92
expires
Sat, 29 Oct 2022 02:41:27 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		879 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7KPA9H6C8J4EI5HJ3SG&hostname=www.thestar.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7KPA9H6C8J4EI5HJ3SG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d8a6e057cd5dcd0a103239a57d95232f6b0e242609b1495ec981730e5a9dcca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-akamai-request-id
30650014
date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91
content-length
353
pragma
no-cache
server
nginx
x-tt-logid
202210290241275876E19639D0C220B4E7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
91,2.16.186.238
x-tt-trace-host
012bbcf7ec4f7fdeaa2588a6c8b311759f8d906f42f9e255d0c9cdf1b9970209f3bbaa78fee24685bb223731fc3a88aa52b6afdc41f345d7672f0df75050e06dafa5abb02957517ab8149a93459c4e59d6
expires
Sat, 29 Oct 2022 02:41:27 GMT
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=1...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y1yS11lnQTH976n2g0.ScwAA%265150
0
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y1yS11lnQTH976n2g0.ScwAA%265150
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBH87uEHz2hcIkQ8Kawy1iYx6hHrHbvbAAtnTEuGyCtmSjThqtBMTrmx%2F%2F5aeXJcKilEZVabnmkVwuGDb9hUK1A4LGhSFtFIWn1bRNNhlKRh43vEVs%2BnBBegyLUjtZyVj2d6OP8K"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y1yS11lnQTH976n2g0.ScwAA%265150
cache-control
no-cache
cf-ray
76188d622ba19180-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ct.html
ct.pinterest.com/ Frame EBC4 		565 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.961e55a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.8f6656b8.1667011287.a09ab25
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sat, 29 Oct 2022 02:41:27 GMT
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
1803497154460887
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Expires
0
Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:27 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Allow
POST
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Oct 2022 02:41:27 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
0
Pragma
no-cache
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
101995
dmx.districtm.io/s/v1/img/s/ Frame 60CF 		0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1667011287346&cv=11&fst=1667011287346&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&auid=1773267981.1667011287&data=event%3Dform_start&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03bf0ead33a3596c005751f2277a4b5fe6839d31c82f9e21f5a3da4592a34e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1667011287353&cv=11&fst=1667011287353&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&auid=1773267981.1667011287&data=event%3Dform_submit&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b40fa21db9eef3695697e01e84359b8021919dabb16589b4e425ba8d496c457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame E0C5 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.thestar.com
Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.thestar.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:27 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pixel.png
unified.adsafeprotected.com/ Frame 231C 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vd3d3LnRoZXN0YXIuY29tL2J1c2luZXNzLzIwMTgvMDIvMjcvdG95cy1yLXVzLXJlcG9ydGVkbHktaW4tdGFsa3MtdG8tc2VsbC1hc2lhbi1idXNpbmVzcy5odG1sIn19LCJjYiI6MTY2NzAxMTI4NzM2OSwiaWFzX3NpbmdsZXRhZyI6dHJ1ZSwiaWFzX3NpbmdsZXRhZ19vdXRjb21lIjoyMywiaGVhZGVycyI6eyJoZWFkZXI4IjoiaWFzbyJ9LCJjdXN0b20iOnsiY3VzdG9tNyI6IjEyMTU5NDYiLCJjdXN0b204IjoiNjY0MTk4ODIiLCJjdXN0b20xMSI6IjIwMjIuMTAuMDctMTUuMTgtM2VmZDkzOCIsInhzaWQiOiI2NmY4OGFmOS1kNGJlLTRiZDAtODRhOS1hMTdhNjJkYjJjN2IiLCJwcGF0aCI6Imh0dHBzOi8vdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tIn19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.85.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:27 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1215946&asId=6fede1e4-f25f-d547-3742-040a073b5b65&tv=%7Bc:soEQMJ,pingTime:-10,time:438,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC44NyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1667011287388%7C%7C99362b50c62c29f8f0fd71503b930d37%7C%7Cf8a61638d246180133c226b527e2398b%7C%7Cf23c00055d7dec73d4f69c072ee4223e%7C%7C0f185a50c888cc2ae31bac12f74f68af%7C%7C04d254df2e0e7e9723360763abf4f9ff%7C%7C57ec4c36d01bc19d0772fbc9689f9d3d%7C%7C7ac03fcf8a89cd8e93d5d1b7d3f3ec3e%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:3796:5ca4:dcab:6108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y1yS11lnQTH976n2g0.ScwAA%265150
0
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y1yS11lnQTH976n2g0.ScwAA%265150
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZc231cgMlUHZDIc%2Bb2rvj%2BuFOkeU6lZr6hw8stNR2sV8%2FzcKfZ9RKyE35kugIZzJi4yoElxd6wHwgVBefFlQ3EI3th4C9xJ4P%2BYr6oU3TpwJhI%2Fwgh42BQwKQYrZ%2BshjDWthfGI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y1yS11lnQTH976n2g0.ScwAA%265150
cache-control
no-cache
cf-ray
76188d623bb89180-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
dc_oe=ChMIzeKq_LSE-wIVXkCkBB0D2AxBEAAYACDK2-9VOhoI-NTjvQIQpPWa1qUEGITzrOEDILK8kbTWEEITCL-ylfy0hPsCFcOSdwodEScLyw;dc_rmcid=CAASJeRoURv20Z6Y3F3HKcRI08XYUQpQe6DPQ5z0yHr3uudUwjy7vi4;eps=CIDhgBAQARgdMgK...
ade.googlesyndication.com/ddm/activity/ Frame 81A3 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzeKq_LSE-wIVXkCkBB0D2AxBEAAYACDK2-9VOhoI-NTjvQIQpPWa1qUEGITzrOEDILK8kbTWEEITCL-ylfy0hPsCFcOSdwodEScLyw;dc_rmcid=CAASJeRoURv20Z6Y3F3HKcRI08XYUQpQe6DPQ5z0yHr3uudUwjy7vi4;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D6242,1190,6467,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1429%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D272108025%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1667011284561%26ptlt%3D1667011287402%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1667011286334;dc_rfl=0,https%253A%252F%252Fwww.thestar.com%252Fbusiness%252F2018%252F02%252F27%252Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html%240;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 81A3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C28b71ZJcY__zKsOl3gORzqzYDPjTg_ZssryRtNYQl8-ivcABEAEg8ev7RmCV4pCCoAegAeSgwMIByAEFqQJUqVXC_LewPqgDAcgDE5gEAKoE_wFP0Bws4cALXjIPC9hFQcrZH3l82Zh41NTPjXsAdNMzr3hkCpa5dQx26qRh5QiO03YZJI66Pu-xTz2GpNs4rMv7m95ctCMzXBA5Z3QBFfbcI7D58UI7x9Y3GlX-6qXPO1RV1kLuj7XgjyMEKOabBAKQkOnUplkCUEwHpdbyHSGZxXzi9o_z39KyfFu-RsscgueMoeGOqTHzC06scE-VYTPfxM42e6EnDOd3q8-B3C6nDoxvvpPoY49ikz12R-84EY-a6RsPwmNTsPcsxRNFgsqR0VBAfvEj0iuIChZzahl6DozyZ5PNmzT-ZOwSUYGuTW8xWPeVWKruW55fbK3aPXzABKT1mtalBOAEA5AGAaAGToAHhN-_vQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTUzMzAxNDY1MjgzNDQyNTiACgOYCwHICwGADAGwE6mj6xDIE4TzrOED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=ZQmFnFBGF0s&label=part2viewed&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D6242,1190,6467,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1429%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D272108025%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1667011284561%26ptlt%3D1667011287402%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1667011286334&sdkv=h.3.541.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mjc1OTYyMzg2MDNAzQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDAyMjAyNjcyCTE4MDA4ODI2NkB7CmMIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gAioJNTQwMjIwMjY3MgkxODAwODgyNjZAtAFSIhAEJdkVoEEoAToHdW5rbm93bkIHdW5rbm93bkj3BFAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 81A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 81A3 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLO8SP2TMzZVv5trFrxG_PKS-dyBnfdlwC0n21QFzZla-CD6r7PlARpCVM3CH_e8SqDBHkNc-XiRA-_FvZoJnXpIJfujMrdq9m3xxcbDoMQJ2OrB-MdaMA4B5942IKuxp669eVXoJeDaE2PdTkvHwFjmeSUdDzbG_ryRUnfXkIS3ukJNAV--r6CVQk1-z2ggPYOAZL6NSP9gUoo9f1n-LFzgwXQkCVnWhHi2t2ZvFn9GuKE01NJStPgMDossxsZxz5yk2R46Yg_Q6q0ZsrZbm02uZGU58ysxVqLV33ZCRZRls0yhXKyLv8ozP9Jfr3QrDASKwUBUrvV0Tr78xLz0sV8sdGETM4iO2ap8ZNo-bCZxtDDGjKjbWiS8r2lM12VDSpi0Xe9Yi5Tb0VnB21OncLH6L5tJsMOB87pTVd4kDnoOGNAvG9cATSbN7af-7w-iG2F0YEvnmBEIPdb-D_zrsP9UYjK89K6-fXlv3qlAmJ6tnCLq2AINyZrTy8xH5xcsiJBe91XykUEyyF0UZsnpLuI_GdsV27Ko_lr81-n_aCSrDRMDnSPBY2WOsxFsI63e3rSIOg7BzlfvGGRUyfmggfjTWqGXdtI0n52VF2dgdfXslmWSukeyMSaabYZa7zvh9PHlP76ATeHR1HcA3FZDYy3hIvV4lUdEodt1HIyHAmjY_QGCPLig1WqW5cNxFsEO2XTs654WX1jVxbHgblE28oChSBGaKggCXwD9kaVzrnJJGhjAKqeSyPZvuotfAz7mm1TK9ToEucj2OBJ6X9dpOldNevZsWEprcG_m3qM3f2I1SU9d5Oc2k-SJTGEhDEM3Wbf6le2IZt2obroFeo_819RBjBef64g1d-__sGo4IDBEzfut7fY20u0A8FAWkWraaxRNi_Q4BIN0R-BCxR9c8BktVTn6P6U0fVI2th3QBQciFE1UZ7CZMchc2kiB4qhjmOhhhgNm8_OrEcZBj4I1ajZ6mLqNWjIk_CVWPQadGoVLFbbsUskFdmWWs4y6K5vDNkHgipwu-S5Tzy-EXgfEMNje4w979_94l4zlb3QoCnNO5wLnwRMSxrPXxWHsvgMY--KNvhXF5HQAUi_cZGqFcIdgatmMpku0Ua3bXRsE5_V1sjFhUTRmWToJvr3ofvqPgUScTS7NTjjtsZQX7522qbdVJug0boHv6mjJr3SwNCkEc76dqmK8giN4F2XegVQ6LSDaDlmlzoUOnra9-u40u6QzKonCtKA4juXklyBIJva66nl2yCu_rMlnD4SVCiYkdudw&sai=AMfl-YRbk8Hd1Jl_YdfZ8siybVMxLejAbtSLPAn-RGbc4ZcuHkT_Du8_5a4l5bvLXry_KtWOGdn_Qznbjc8rN6f3PiicNewUixW6BoINbCo9D5McHQbYabgODmNJTO6S8zSlR76qIO6jxmQv8KaUb226ZF3cMDbXf-QlSORXAZl_JIwwVLBHwXx-IfmArpSPEHFlEVSW_tdT3EAOx0ONhb0Q2t9HXS7sRw&sig=Cg0ArKJSzN5rOyJmMWWGEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.541.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 81A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEPjU470CGLnSvtUBIAEwAQ&v=APEucNVh8jWIYNkIZDRpM3u2_glHiIP_pAEd5r7HMJgpa4Se8UD9XXzVQHrb6a14SRAwMXFiUKaAwvMBAMVG3roahQYVMYsLbg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
dot.gif
s0.2mdn.net/ Frame 81A3 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:44:21 GMT
x-content-type-options
nosniff
age
46626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 13:44:21 GMT
pixel.png
unified.adsafeprotected.com/ Frame 81A3 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxMjE1OTQ2IiwiY3VzdG9tOCI6IjY2NDE5ODgyIiwieHNpZCI6IjY2Zjg4YWY5LWQ0YmUtNGJkMC04NGE5LWExN2E2MmRiMmM3YiJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIxODU4NTgwNjc5NSIsImhlYWRlcjExIjoiRENNIiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMS9oLjMuNTQxLjAiLCJoZWFkZXI0IjoiMiw3LDgiLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjY3MDExMjg2Mjc0ODU0MTQzIiwiYWREdXJhdGlvbiI6LTEsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVlBBSURfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1215946&pubEntityId=66419882&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.85.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:27 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame 81A3
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1215946/66419885/skeleton.gif?xmtp=v&xmapp=0&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b&bidurl=https://www.thestar.com/business/2018/02/27/toys-r-us-reported...
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b
Protocol
H2
Server
2600:9000:21f3:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
10842509
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
_ysY-CLaDji9ajtj-IT8qu4xfrqXiuwxktY-pXP90Dx7Gm8-byQu0w==

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
server
nginx
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=66f88af9-d4be-4bd0-84a9-a17a62db2c7b
cache-control
no-cache
content-length
0
dc_oe=ChMIzeKq_LSE-wIVXkCkBB0D2AxBEAAYACDK2-9VOhoI-NTjvQIQpPWa1qUEGITzrOEDILK8kbTWEEITCL-ylfy0hPsCFcOSdwodEScLyw;dc_rmcid=CAASJeRoURv20Z6Y3F3HKcRI08XYUQpQe6DPQ5z0yHr3uudUwjy7vi4;eps=CIDhgBAQARgdMgK...
ade.googlesyndication.com/ddm/activity/ Frame 81A3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzeKq_LSE-wIVXkCkBB0D2AxBEAAYACDK2-9VOhoI-NTjvQIQpPWa1qUEGITzrOEDILK8kbTWEEITCL-ylfy0hPsCFcOSdwodEScLyw;dc_rmcid=CAASJeRoURv20Z6Y3F3HKcRI08XYUQpQe6DPQ5z0yHr3uudUwjy7vi4;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D6242,1190,6467,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1429%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D272108025%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1667011284561%26ptlt%3D1667011287401%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1667011286334;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 81A3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQgGtMBP1LOo5bi5sE4xBRSC58zipNQKfy8OLGLxwHXtgsT6QjrkN11kySf2C75VvH27Fwj0EIwxn8YhgWS2aKei3pY22GrNLwArzjefOgG1SQk-iokwu_MTClHl67BAoOUYgFYg&sai=AMfl-YTTMm2Eavv7UWdvouOvCDzwBCrIwQtYOBHZVdqWJFJU7NRkQbucmPY1RpRpAcW33xSrmTpnzbp0Jok5Tr1GSVWl35EeP2AdmtafW0_6tX4uckfbG4jcW6Znze5mIdM&sig=Cg0ArKJSzHs4NzPznPRpEAE&cid=CAASJeRoURv20Z6Y3F3HKcRI08XYUQpQe6DPQ5z0yHr3uudUwjy7vi4&id=lidarv&acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D6242,1190,6467,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1429%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D272108025%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1667011284561%26ptlt%3D1667011287401%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1667011286334&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=cVDqsFWsj91ZVJwz&instance=215236292&version=7.10.0&age=221029&ldt=AD_IMP&key=uxXdqAB3&seq=1&order=9&absoluteTime=6848.5&relativeTime=3105.7&sm_id=2327069&visiblestatecd=I&soundcd=OFF&adX=true&lineItem=627596238603&adSystem=AdSense/AdX&firstLineItem=540220267&firstAdSystem=DBM&lineItemsGDFP=&adIndex=0&advertiser=&cid=4204&pposition=float&floattype=s&adServer=gam&iu=/92056281,58580620/54097046&logAssertiveYield=false&rand=12&rmt=ns
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame D6F9 		43 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1667011284712&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=20010.667&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2327069&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1667011287415&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2703&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Business&c6=*null&c7=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&c8=&c9=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
43
x-amz-cf-id
rQV0WyCnRg3t85x48i7mmDZ44plKQTpAbA5aTRioqC_l9cKYdV95Og==
x-cache
Miss from cloudfront
content-type
image/gif
/
www.google.com/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/698108511/?random=1667011287346&cv=11&fst=1667008800000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&data=event%3Dform_start&fmt=3&is_vtc=1&random=3111899652&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/698108511/?random=1667011287346&cv=11&fst=1667008800000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&data=event%3Dform_start&fmt=3&is_vtc=1&random=3111899652&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/698108511/?random=1667011287353&cv=11&fst=1667008800000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&data=event%3Dform_submit&fmt=3&is_vtc=1&random=3738478601&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/698108511/?random=1667011287353&cv=11&fst=1667008800000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&tiba=Toys%20%E2%80%98R%E2%80%99%20Us%20reportedly%20in%20talks%20to%20sell%20Asian%20business%20%7C%20The%20Star&data=event%3Dform_submit&fmt=3&is_vtc=1&random=3738478601&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
547 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7KPA9H6C8J4EI5HJ3SG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
x-akamai-request-id
30650061
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202210290241275876E19639D0C220B502
x-cache
TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
116,2.16.186.238
x-tt-trace-host
012bbcf7ec4f7fdeaa2588a6c8b311759f8d906f42f9e255d0c9cdf1b9970209f3bbaa78fee24685bb223731fc3a88aa528fd5b3fcb5adadbaec6caeb7263f68f720cb2cd4a7416918836095a79fbc5f49
server-timing
inner; dur=15, cdn-cache; desc=MISS, edge; dur=7, origin; dur=116
content-length
0
expires
Sat, 29 Oct 2022 02:41:27 GMT
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f3214700-af5f-4307-9590-235db4f78553
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f3214700-af5f-4307-9590-235db4f78553
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f3214700-af5f-4307-9590-235db4f78553
access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:27 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4536031174513561289
0
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4536031174513561289
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:27 GMT
AN-X-Request-Uuid
d1c9db43-7ec3-4c51-88c7-62e532dbd250
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4536031174513561289
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PrebidServer
crb.kargo.com/api/v1/dsync/ Frame 60CF 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.212.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-212-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:27 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Krk-Reject-Reason
consent
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=261800225416912313622
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=261800225416912313622
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=261800225416912313622
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
ap.lijit.com/ Frame 60CF 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 29 Oct 2022 02:41:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync.php
pixel.rubiconproject.com/exchange/ Frame 60CF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A891 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283466&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=20412
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 29 Oct 2022 08:21:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B1EE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283639&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=20412
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 29 Oct 2022 08:21:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame A891 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86515198&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f7579d67877657e1b6c84fec4cbb98b9f2507976928b9a199b47b5a6eb5fbdf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 02:41:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=6a29b9e4-982b-41b8-9a1e-f22d90afd278
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=6a29b9e4-982b-41b8-9a1e-f22d90afd278
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:26 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=6a29b9e4-982b-41b8-9a1e-f22d90afd278
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
12oql5q20l1ag3iihbeju08a6tpaemla
match
c1.adform.net/serving/cookie/ Frame B591
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 29 Oct 2022 02:41:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 29 Oct 2022 02:41:27 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7B6B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4096643420325195087
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4096643420325195087
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Oct 2022 02:41:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4096643420325195087
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame CB59
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5&gdpr=0&gdpr_consent=
42 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Oct 2022 02:41:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 29 Oct 2022 02:41:27 GMT
Expires
Sat, 29 Oct 2022 02:41:26 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master cdg-pixel-x14 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 61E8 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 02:41:27 GMT
expires
Sat, 29 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
594557
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame E0B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4536031174513561289&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4536031174513561289&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Oct 2022 02:41:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
5fa5daf6-90d0-4ef5-97a8-8e9fd9cc5232
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Oct 2022 02:41:27 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4536031174513561289&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame B731
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BA52048C-5871-4C6A-B043-70002AB68E8E&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BA52048C-5871-4C6A-B043-70002AB68E8E&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BA52048C-5871-4C6A-B043-70002AB68E8E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 29 Oct 2022 02:41:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VDXK9YH0PW31PRMBR9T5

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 29 Oct 2022 02:41:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BA52048C-5871-4C6A-B043-70002AB68E8E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
806AV6YCD86P3CHSEBMN
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A891
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ulIEjFhxTGqwQ3AAKraOjg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=20412
accept-ranges
bytes
content-length
5549
expires
Sat, 29 Oct 2022 08:21:39 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A891
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4745635c-92d7-4b00-8e10-57390f527df2
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4745635c-92d7-4b00-8e10-57390f527df2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 29 Oct 2022 02:41:27 GMT
Server
MT3 4539 98cc2da master cdg-pixel-x35 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4745635c-92d7-4b00-8e10-57390f527df2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 29 Oct 2022 02:41:26 GMT
generic
match.adsrvr.org/track/cmf/ Frame A891
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=BA52048C-5871-4C6A-B043-70002AB68E8E&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame A891
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkE1MjA0OEMtNTg3MS00QzZBLUIwNDMtNzAwMDJBQjY4RThF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A891
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiXD2NYhIEcoVAcVaB8fdI&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiXD2NYhIEcoVAcVaB8fdI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Oct 2022 02:41:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiXD2NYhIEcoVAcVaB8fdI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A891 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 28 Oct 2022 02:41:27 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A891
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8171572046384742186
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8171572046384742186
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8171572046384742186
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame A891 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
s2472432310263
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.4-LCXS/ 		43 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.4-LCXS/s2472432310263
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/641e55bfd957/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 29 Oct 2022 02:41:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 30 Oct 2022 02:41:27 GMT
server
jag
etag
3579879481233309696-4619811205577022455
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Fri, 28 Oct 2022 02:41:27 GMT
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f3214700-af5f-4307-9590-235db4f78553
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f3214700-af5f-4307-9590-235db4f78553
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f3214700-af5f-4307-9590-235db4f78553
access-control-allow-origin
*
date
Sat, 29 Oct 2022 02:41:27 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADeD07GuSYAACHWSnX6dw
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADeD07GuSYAACHWSnX6dw
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADeD07GuSYAACHWSnX6dw
Date
Sat, 29 Oct 2022 02:41:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=db35623b-072d-445e-9881-1e18671d51e2
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=db35623b-072d-445e-9881-1e18671d51e2
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=db35623b-072d-445e-9881-1e18671d51e2
date
Sat, 29 Oct 2022 02:41:28 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
151
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 60CF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-VOwn.8FE2uEvuT4iBmDXHrdQnj48M4gxGjaL7ZM-~A&gdpr=0&gdpr_consent=
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-VOwn.8FE2uEvuT4iBmDXHrdQnj48M4gxGjaL7ZM-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-VOwn.8FE2uEvuT4iBmDXHrdQnj48M4gxGjaL7ZM-~A&gdpr=0&gdpr_consent=
date
Sat, 29 Oct 2022 02:41:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
elb.the-ozone-project.com/ Frame 60CF
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5bf99270-0e16-4a50-8b70-662ddc5d9338
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5bf99270-0e16-4a50-8b70-662ddc5d9338
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5bf99270-0e16-4a50-8b70-662ddc5d9338
Date
Sat, 29 Oct 2022 02:41:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
PrebidServer
crb.kargo.com/api/v1/dsync/ Frame EBEF 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283466&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.212.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-212-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 02:41:28 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Krk-Reject-Reason
consent
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
generic
match.adsrvr.org/track/cmf/ Frame EBEF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=b19af0d4-b2b0-41c5-a6f4-bb0afb2e8871&publisherId=TKN100000001&siteId=4204204311&cb=1667011283466&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=551361706835419416
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=551361706835419416
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=551361706835419416
date
Sat, 29 Oct 2022 02:41:27 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5bf99270-0e16-4a50-8b70-662ddc5d9338
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5bf99270-0e16-4a50-8b70-662ddc5d9338
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5bf99270-0e16-4a50-8b70-662ddc5d9338
Date
Sat, 29 Oct 2022 02:41:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=261800225416912313622
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=261800225416912313622
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=261800225416912313622
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADeD07GuSYAACHWSnX6dw
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADeD07GuSYAACHWSnX6dw
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADeD07GuSYAACHWSnX6dw
Date
Sat, 29 Oct 2022 02:41:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame EBEF
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8893972195487942222
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8893972195487942222
Protocol
H2
Server
54.76.141.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-141-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 02:41:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8893972195487942222
date
Sat, 29 Oct 2022 02:41:28 GMT
server
nginx
content-length
0
content-type
text/plain
usync.html
eus.rubiconproject.com/ Frame 927B 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Oct 2022 02:41:28 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
101995
dmx.districtm.io/s/v1/img/s/ Frame EBEF 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame EBEF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/FGMrCMMc/ Frame EBEF 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.67.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-67-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:28 GMT
usync.js
eus.rubiconproject.com/ Frame 927B 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:41:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45064
Connection
keep-alive
Content-Length
9454
Expires
Sat, 29 Oct 2022 15:12:32 GMT
khaos.jpg
token.rubiconproject.com/ Frame 927B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SPug
simage4.pubmatic.com/AdServer/ Frame A891 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 02:41:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmx.districtm.io
URL
https://dmx.districtm.io/s/v1/img/s/101995
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

334 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ozonePrebidAdunits function| ozoneLog function| ozoneError object| pbjsFile object| integrationFile object| blueConicPreListeners function| BCClass object| blueConicClient object| permutive object| googletag object| __PRELOADED_CONFIG_DATA__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| gs_channels function| Kumulos function| receiveMessage object| dataLayer undefined| url undefined| meta number| _vis_opt_account_id string| _vis_opt_protocol number| _vwo_acc_id object| _vwo_exp_ids object| _vwo_exp boolean| _vis_opt_settings_loaded string| _vwo_cookieDomain string| _vwo_uuid string| _vwo_lib_cb string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| VWO object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb string| _vis_opt_file_name function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_editorOperationTracker function| _vwo_handleMutations number| _vis_opt_experiment_id boolean| canRunAds number| ___vwo object| __nls boolean| adBlock string| theStarSAccount object| _comscore boolean| comScoreFirstLoad number| scrollIncrement object| PARSELY function| trackScroll object| referrerHistory function| initTrackingBeacon string| $igniter_var function| $p object| apstag object| pbjs object| adunitCodesProcessed function| auctionRetryer function| getUnrequestedSlots object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| vfQ object| viafoura object| vf function| pbjsChunk object| _pbjsGlobals object| UrlCache object| SUBSCRIPTIONS object| SWG function| GaaGoogleSignInButton function| GaaGoogle3pSignInButton function| GaaSignInWithGoogleButton function| GaaMeteringRegwall function| GaaMetering object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain boolean| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| default_gsi object| google object| closure_lm_80405 object| MoatNadoAllJsonpRequest_85660678 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedtorontoprebidheader623296055317 object| moatPrebidApi object| COMSCORE function| udm_ object| ns_p undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 object| MoatContent boolean| apstagLOADED object| webpackChunkli_browser_client object| google_tag_manager function| postscribe object| google_tag_manager_external object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| pbq string| GoogleAnalyticsObject function| ga object| bc_json514 undefined| google_measure_js_timing function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s string| keyLinkTrackVars function| _typeof object| gaplugins object| gaGlobal object| gaData object| pbProcessor function| onYouTubeIframeAPIReady object| webVitals object| __LOADABLE_LOADED_CHUNKS__ function| Buffer object| AWS object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| smg number| curY number| curDepthRatio object| adobeTokens object| _bcp object| userAgent object| mdc function| theStarLinkClick function| $ function| RuleService object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 boolean| bcUrlListenerActive string| _this_intIDs string| _page_title string| _this_href string| _this_referrer string| _this_paywallType object| bc object| interactions undefined| dialog object| button object| bc_datalayer function| fbq function| _fbq object| bc_metercount object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| msgData object| bc_json515 object| JSON3 string| _this_variant string| _this_dialogue string| _this_dialogueId number| __mobxInstanceCount undefined| __mobxGlobals object| headertag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_416827 object| closure_lm_568080 number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| host object| GoogleGcLKhOms function| clsn object| dicnf function| btrp function| pdib3 function| vv function| sasrc function| stcc function| omrhp object| google_image_requests object| closure_lm_134346 object| campaignData object| TheStar number| auth number| x number| ati number| ki number| tsi function| __d3lUW8vwsKlB__ function| trackFB string| fbPixelId string| pageType string| template string| twitterPixelId string| SiteDomain function| twq function| __an6na521li18__ object| OWQ5ZWM4NmRjNTBkYzJlM2xvYWRlcl9qcw== string| OWQ5ZWM4NmRjNTBkYzJlM2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady string| PinterestPixelId function| pintrk object| twttr object| GooglebQhCsO function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope object| __IASOmidVerificationClient undefined| __IntegralAS_6fede1e4f25fd5473742040a073b5b65_7461 string| tiktokPixelId string| TiktokAnalyticsObject object| ttq string| bingPixelId object| uetq string| linkedInPixelId string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| redditPixelId string| transactionId function| rdt function| UET function| UET_init function| UET_push object| ueto_1709b0ba7f object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels boolean| _already_called_lintrk object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge number| m boolean| pvOccured boolean| pageViewOccured object| s_i_torontodnnlocal

126 Cookies

Domain/Path Name / Value
e377.thestar.com/DG/DEFAULT Name: BCSessionID
Value: ceee2f53-c349-4974-ba57-3002e5aee1d8
torstar.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: ceee2f53-c349-4974-ba57-3002e5aee1d8
www.thestar.com/ Name: last_visit_bc
Value: 1667011281121
.thestar.com/ Name: bc_tstgrp
Value: 7
.thestar.com/ Name: _vwo_uuid_v2
Value: DA8E7058B48AA4FEBDE4C6809D6F95471|8718d7d9342e7567d51ec84632b2ac11
.thestar.com/ Name: _vis_opt_s
Value: 1%7C
.thestar.com/ Name: _vis_opt_test_cookie
Value: 1
.thestar.com/ Name: _vwo_uuid
Value: DA8E7058B48AA4FEBDE4C6809D6F95471
.thestar.com/ Name: _vwo_sn
Value: 0%3A1
.thestar.com/ Name: _vwo_ds
Value: 3%3Aa_0%2Ct_0%3A0%241667011280%3A51.89564737%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
.thestar.com/ Name: permutive-id
Value: 08149c80-2a53-4dd8-a5ac-fe9b8887ebbe
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/ Name: pxid
Value: 16dee2aa-18cf-476a-a069-329c53fce735
.thestar.com/ Name: _igt
Value: e6963907-bb83-40e5-8e2a-ba342232a327
.thestar.com/ Name: _ig
Value: 9da61d4c-a9ad-4539-ab67-8b7e271ce311
www.thestar.com/ Name: userSegmentLogin
Value: false
.thestar.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html%22%2C%22sref%22:%22%22%2C%22sts%22:1667011282243%2C%22slts%22:0}
.thestar.com/ Name: _gid
Value: GA1.2.1868445829.1667011282
.thestar.com/ Name: _gat_UA-70431129-1
Value: 1
.thestar.com/ Name: _gat_UA-73335503-3
Value: 1
.thestar.com/ Name: __psid
Value: 1667011282269
.thestar.com/ Name: local_ga_B4CQN4KW3R
Value: GS1.1.1667011282.1.0.1667011282.60.0.0
.thestar.com/ Name: local_ga
Value: GA1.1.24496825.1667011282
.thestar.com/ Name: _ga_6FZFMVVWVN
Value: GS1.1.1667011282.1.0.1667011282.60.0.0
.thestar.com/ Name: _ga
Value: GA1.1.24496825.1667011282
.viafoura.co/ Name: VfSess
Value: nrsd297grueq7qivbtnge8t7qv
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.thestar.com/ Name: _vf_rd_test_1667011282479
Value: _test_1667011282479
www.thestar.com/ Name: _vfz
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.1667011282.1.medium=direct|source=|sharer_uuid=|terms=
.thestar.com/ Name: _vf_rd_test_1667011282481
Value: _test_1667011282481
.www.thestar.com/ Name: _vfa
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.1f2eea15-36d8-49ac-a2c8-054fb60a553a.1667011282.1667011282.1667011282.1
.thestar.com/ Name: _vf_rd_test_1667011282533
Value: _test_1667011282533
.www.thestar.com/ Name: _vfb
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.2..1667011282....
.thestar.com/ Name: _vf_rd_test_1667011282534
Value: _test_1667011282534
.viafoura.co/ Name: vfDeviceId
Value: 3a628490-812c-4f82-a034-563ec4831978
www.thestar.com/ Name: AccessToken
Value: idv2l9tbh63muoy37dtc1he0jx63zzu10yi
.demdex.net/ Name: demdex
Value: 14240018064253447653102446654314007268
.thestar.com/ Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1
www.thestar.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1yS0wAAAIj0ZAN-
www.thestar.com/ Name: selectedPersonalizedCategories
Value: []
www.thestar.com/ Name: personalizedListModeEnabled
Value: true
www.thestar.com/ Name: latestContentTier
Value: 0
.thestar.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=bcb50f867aa8641611f79c6c4bde31ee%22%2C%22session_count%22:1%2C%22last_session_ts%22:1667011282243}
www.thestar.com/ Name: rememberMeML
Value: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html
embed.sendtonews.com/ Name: AWSALBTGCORS
Value: tfCApaNL5YVgQlAw+IkehsPss3KwFkOBZbVsW9A38wy4loWPeyLXN4+cG3zCC86Q9tf9D36LVoMh4/xOGS3+3qCFBUZRER1/3ONE/Seb4KQGAkJ7eEtmD2fVzVd+/Xf80pF+Frj/Y5WSFpzmUFgb1PEFMpiHFEcYL3ObSnHjHRN/ejKzN/c=
embed.sendtonews.com/ Name: AWSALBCORS
Value: N4FMlDf8JI11Rl/ggJSf8pWMEVvdkDPgC6uxNOtOifbRJfa702sA2oZXy0XZ3/krAdSDG8bpwwHxsRjFgPi/z/YdGfyHMoxSmWwBsfGnpSARyWsbRn4XOySJQ+Hn
.dpm.demdex.net/ Name: dpm
Value: 14240018064253447653102446654314007268
www.thestar.com/ Name: BCSessionID
Value: ceee2f53-c349-4974-ba57-3002e5aee1d8
.thestar.com/ Name: s_ecid
Value: MCMID%7C14271039062271633833099355754704736494
.thestar.com/ Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19295%7CMCMID%7C14271039062271633833099355754704736494%7CMCAAMLH-1667616083%7C6%7CMCAAMB-1667616083%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1667018483s%7CNONE%7CMCSYNCSOP%7C411-19302%7CMCAID%7CNONE%7CvVersion%7C5.4.0
torstar.blueconic.net/ Name: AWSALBCORS
Value: /3tMtN2SVfFLhhZ6m9SjJIL+YKtJKPI6ObkIP2ccwQX8sd6po4VHPv6KY4b0pfT+aEN8+Lmq2awwLnjrQhptB6zvIWmPRqnME2dEYuRpOPY4TniO1K2nAx9EoeoG
.thestar.com/ Name: __gads
Value: ID=9ac9c8737ada4af6:T=1667011283:S=ALNI_MYS_oLQjzJLSDCnYmdPo7gR1lG8-A
.thestar.com/ Name: __gpi
Value: UID=00000b799c48ce4f:T=1667011283:RT=1667011283:S=ALNI_MbUgNLo5QNmDcS36bPdmb13TuNvhA
.doubleclick.net/ Name: IDE
Value: AHWqTUn9DiML7SuHNrAKNQ5LJoGjnTJ3B0SQVZcQEPmk3MzNgz_WE7i0_NFAi42iP5Q
.doubleclick.net/ Name: DSID
Value: NO_DATA
.the-ozone-project.com/ Name: ozone_uid
Value: 2Gn50p6o2ngarpzojfItcKmqsSc
.adnxs.com/ Name: uuid2
Value: 4536031174513561289
elb.the-ozone-project.com/ Name: ozone_uid
Value: 2Gn50p6o2ngarpzojfItcKmqsSc
.thestar.com/ Name: _fbp
Value: fb.1.1667011286769.1209423815
e377.thestar.com/ Name: AWSALB
Value: vb5yhRe40a/kbkwJkC16avpwEXQW+xU+5dSQY8jwqNjis9Vyi2aSKfccoDLuZ+vikcn/oWT2vpoBOZv4RvBVbrPBeruDFmrikIk7Ncyp5iUzyf/v5bmbDzjZ8Wrk
e377.thestar.com/ Name: AWSALBCORS
Value: vb5yhRe40a/kbkwJkC16avpwEXQW+xU+5dSQY8jwqNjis9Vyi2aSKfccoDLuZ+vikcn/oWT2vpoBOZv4RvBVbrPBeruDFmrikIk7Ncyp5iUzyf/v5bmbDzjZ8Wrk
.smartadserver.com/ Name: pid
Value: 551361706835419416
.thestar.com/ Name: _gcl_au
Value: 1.1.1773267981.1667011287
ads.avct.cloud/ Name: uuid
Value: db35623b-072d-445e-9881-1e18671d51e2
.t.co/ Name: muc_ads
Value: 2feb813f-e630-41c5-a209-1ef1dff05499
.twitter.com/ Name: guest_id_marketing
Value: v1%3A166701128699398165
.twitter.com/ Name: guest_id_ads
Value: v1%3A166701128699398165
.twitter.com/ Name: personalization_id
Value: "v1_acdWyAzK/1yPHh3bc5STpQ=="
.twitter.com/ Name: guest_id
Value: v1%3A166701128699398165
.yahoo.com/ Name: A3
Value: d=AQABBNeSXGMCEGpwnoJYhxiCM_H6OG2sr24FEgEBAQHkXWNmYwAAAAAA_eMAAA&S=AQAAAtR-3gyPqTeRZTKtQngbPOE
.bing.com/ Name: MUID
Value: 18614B0EB434612D3B805942B55F603A
.analytics.yahoo.com/ Name: IDSYNC
Value: 199b~27ze
.thestar.com/ Name: _uetsid
Value: 2f91ba00573311ed960fdb323ff5a98e
.thestar.com/ Name: _uetvid
Value: 2f91fb50573311eda6fe09a1d3d04a98
.thestar.com/ Name: _rdt_uuid
Value: 1667011287179.b591c3d1-55fd-4aca-b537-e72066180046
.openx.net/ Name: i
Value: 805b0972-8833-4da6-ab44-fad075d32308|1667011287
.thestar.com/ Name: _pin_unauth
Value: dWlkPU5tUXdOMkZqTlRRdE9USXdNUzAwTnpFNExUazVNMlV0WWpsbU16VXpaR0UzWW1OaA
.casalemedia.com/ Name: CMID
Value: Y1yS11lnQTH976n2g0.ScwAA
.casalemedia.com/ Name: CMPS
Value: 5150
.casalemedia.com/ Name: CMPRO
Value: 5150
.casalemedia.com/ Name: CMTS
Value: 1114
.linkedin.com/ Name: UserMatchHistory
Value: AQJ3gdvzSfEdDwAAAYQhnZkc0S8jmKShUDdq0IHVROyLwJL7FeJ5AYdRDs0Q6UYav1rNzZduRYwsGQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQK09lMeRBtJPgAAAYQhnZkcI56bcsKveYIruSM4eS60_JPRY0Ex1gPlBSXseshlnx9BgNf0cLucLnAto3PERg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b0c464ba-b9b0-4599-8e9c-039d6305afb9"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2419:u=1:x=1:i=1667011287:t=1667097687:v=2:sig=AQHqEq-I2U5lBIwMA1bRU1bva7Qhc1H1"
.tiktok.com/ Name: _ttp
Value: 2Gn50wBjrsjej0nHYBeC2TQg6TD
.thestar.com/ Name: _tt_enable_cookie
Value: 1
.thestar.com/ Name: _ttp
Value: 47499014-a345-4ee5-bf9b-903e20ccf004
.360yield.com/ Name: tuuid
Value: f3214700-af5f-4307-9590-235db4f78553
.360yield.com/ Name: tuuid_lu
Value: 1667011287
.3lift.com/ Name: tluid
Value: 261800225416912313622
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202210290241277c51112c-04ec-434e-82a6-d7b7c3f661a1AQHx5CKK2_n7VizgHJ06O0zNir9_0V1A"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjcwMTEyODc7MjswMjH7KBsjhiGdtzo/B3tpgPDbjW1nHSom7bQ6lYcQ/zXJWQ==
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BA52048C-5871-4C6A-B043-70002AB68E8E
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1667088000%3A174%7C1668211200%3A201_197_219
.pubmatic.com/ Name: SyncRTB3
Value: 1668211200%3A21_13_7_54_3_251_220_161_56%7C1668297600%3A35
.thestar.com/ Name: s_nr
Value: 1667011287758-New
.thestar.com/ Name: s_nr2
Value: 1667011287759-New
.thestar.com/ Name: s_cc
Value: true
.onaudience.com/ Name: cookie
Value: bdd9edd8670e18d4
.onaudience.com/ Name: done_redirects147
Value: 1
.simpli.fi/ Name: suid
Value: 43762D9FCB2445F5BE19137B2E0F3FC8
.mathtag.com/ Name: uuid
Value: 4745635c-92d7-4b00-8e10-57390f527df2
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4536031174513561289&KRTB&23339-4536031174513561289
.de17a.com/ Name: guid
Value: 1.4096643420325195087
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENiXD2NYhIEcoVAcVaB8fdI&KRTB&16514-CAESENiXD2NYhIEcoVAcVaB8fdI&KRTB&23025-CAESENiXD2NYhIEcoVAcVaB8fdI&KRTB&23386-CAESENiXD2NYhIEcoVAcVaB8fdI
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8893972195487942222
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4096643420325195087
.pubmatic.com/ Name: PugT
Value: 1667011287
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5&KRTB&16736-uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5&KRTB&23019-uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5&KRTB&23208-uid:ce51635c-92d7-4500-a9d9-fa87596b2ec5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8171572046384742186&KRTB&23263-8171572046384742186
.pubmatic.com/ Name: SPugT
Value: 1667011287
.bidr.io/ Name: bito
Value: AADeD07GuSYAACHWSnX6dw
.bidr.io/ Name: bitoIsSecure
Value: ok
.amazon-adsystem.com/ Name: ad-id
Value: A5Qd48xVKkQApf2BB8DgAio
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidswitch.net/ Name: tuuid
Value: 5bf99270-0e16-4a50-8b70-662ddc5d9338
.bidswitch.net/ Name: c
Value: 1667011288
.bidswitch.net/ Name: tuuid_lu
Value: 1667011288
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiODg5Mzk3MjE5NTQ4Nzk0MjIyMiIsImV4cGlyZXMiOiIyMDIyLTExLTEyVDAyOjQxOjI4LjM4NjQ2MjYxNVoiLCJzb3VyY2UiOiJjb29raWUifSwiYWRueHMiOnsidWlkIjoiNDUzNjAzMTE3NDUxMzU2MTI4OSIsImV4cGlyZXMiOiIyMDIyLTExLTEyVDAyOjQxOjI3LjQ4NDY4MDUwOVoiLCJzb3VyY2UiOiJjb29raWUifSwiYXZvY2V0Ijp7InVpZCI6ImRiMzU2MjNiLTA3MmQtNDQ1ZS05ODgxLTFlMTg2NzFkNTFlMiIsImV4cGlyZXMiOiIyMDIyLTExLTEyVDAyOjQxOjI4LjA1MTUxODA1M1oiLCJzb3VyY2UiOiJjb29raWUifSwiYmVlc3dheCI6eyJ1aWQiOiJBQURlRDA3R3VTWUFBQ0hXU25YNmR3IiwiZXhwaXJlcyI6IjIwMjItMTEtMTJUMDI6NDE6MjguMzM3MDQ2NTIxWiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJncmlkIjp7InVpZCI6IjViZjk5MjcwLTBlMTYtNGE1MC04YjcwLTY2MmRkYzVkOTMzOCIsImV4cGlyZXMiOiIyMDIyLTExLTEyVDAyOjQxOjI4LjI0MDQ5MTc2MVoiLCJzb3VyY2UiOiJjb29raWUifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiZjMyMTQ3MDAtYWY1Zi00MzA3LTk1OTAtMjM1ZGI0Zjc4NTUzIiwiZXhwaXJlcyI6IjIwMjItMTEtMTJUMDI6NDE6MjcuODA1NzAzMDY3WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJpeCI6eyJ1aWQiOiJZMXlTMTFsblFUSDk3Nm4yZzAuU2N3QUFcdTAwMjY1MTUwIiwiZXhwaXJlcyI6IjIwMjItMTEtMTJUMDI6NDE6MjcuNDM2MjQzMTc5WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJvcGVueCI6eyJ1aWQiOiI2YTI5YjllNC05ODJiLTQxYjgtOWExZS1mMjJkOTBhZmQyNzgiLCJleHBpcmVzIjoiMjAyMi0xMS0xMlQwMjo0MToyNy43MzM4NzMzMjRaIiwic291cmNlIjoiY29va2llIn0sInNtYXJ0Ijp7InVpZCI6IjU1MTM2MTcwNjgzNTQxOTQxNiIsImV4cGlyZXMiOiIyMDIyLTExLTEyVDAyOjQxOjI4LjIwMjczMjMzNVoiLCJzb3VyY2UiOiJjb29raWUifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIyNjE4MDAyMjU0MTY5MTIzMTM2MjIiLCJleHBpcmVzIjoiMjAyMi0xMS0xMlQwMjo0MToyOC4yNzg0Mjc1MjlaIiwic291cmNlIjoiY29va2llIn0sInlhaG9vIjp7InVpZCI6InktVk93bi44RkUydUV2dVQ0aUJtRFhIcmRRbmo0OE00Z3hHamFMN1pNLX5BIiwiZXhwaXJlcyI6IjIwMjItMTEtMTJUMDI6NDE6MjguMTA2OTg0OTY5WiIsInNvdXJjZSI6ImNvb2tpZSJ9fSwiYmRheSI6IjIwMjItMTAtMjlUMDI6NDE6MjYuNzk0NzMxMzk2WiJ9

17 Console Messages

Source Level URL
Text
javascript warning URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html(Line 168)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&random=0.725317275175883, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html(Line 168)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&random=0.725317275175883, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&random=0.725317275175883(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&random=0.725317275175883(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2018%2F02%2F27%2Ftoys-r-us-reportedly-in-talks-to-sell-asian-business.html&random=0.725317275175883(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html(Line 186)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.thestar.com/business/2018/02/27/toys-r-us-reportedly-in-talks-to-sell-asian-business.html(Line 186)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=84
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=910744192971?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=910744192971?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://dmx.districtm.io/s/v1/img/s/101995
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://dmx.districtm.io/s/v1/img/s/101995
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
92bbd257131dd1fda3d036e2d602f64d.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ad2.360yield.com
ade.googlesyndication.com
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
ap.lijit.com
api.parsely.com
api.permutive.com
api.rlcdn.com
api.thestar.com
api.viafoura.co
as-sec.casalemedia.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
bid.g.doubleclick.net
c.amazon-adsystem.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.parsely.com
cdn.petametrics.com
cdn.resonate.com
cdn.viafoura.net
cdnjs.cloudflare.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
crb.kargo.com
csi.gstatic.com
csm.eu.criteo.net
ct.pinterest.com
d15kdpgjg3unno.cloudfront.net
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
dt.adsafeprotected.com
e377.thestar.com
eb2.3lift.com
elb.the-ozone-project.com
embed.sendtonews.com
engagefront.theweathernetwork.com
eus.rubiconproject.com
events.kumulos.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
id.sv.rkdms.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.parsely.com
images.thestar.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
media-cdn-eu-central-1.app.delivery
news.google.com
p1.parsely.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.thestar.com
play.google.com
player.sendtonews.com
prebid-server.rubiconproject.com
prebid.the-ozone-project.com
pubads.g.doubleclick.net
push.kumulos.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
r2---sn-4g5lznls.c.2mdn.net
region1.analytics.google.com
resources.thestar.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.pinimg.com
s.thestar.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sejs.moatads.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.app.delivery
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
t.co
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unified.adsafeprotected.com
unpkg.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
dmx.districtm.io
104.18.12.242
104.18.12.76
104.18.18.126
104.244.42.197
104.244.42.67
104.75.88.209
13.107.42.14
13.224.189.106
13.224.189.42
13.224.189.51
13.224.194.76
13.224.195.78
13.225.78.21
13.225.78.22
13.225.78.37
13.225.78.42
13.225.78.46
13.225.84.171
13.225.84.201
13.225.85.39
13.225.87.188
13.248.245.213
142.250.184.198
142.250.186.162
142.250.186.166
142.250.186.98
146.59.148.16
146.75.116.157
15.236.176.210
151.101.193.140
151.139.128.11
178.250.0.160
18.156.0.31
18.193.243.10
185.29.134.244
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.81
185.86.137.122
185.89.210.180
185.94.180.123
193.123.32.111
198.47.127.19
2.16.186.242
2001:4860:4802:32::3
2001:4860:4802:34::36
205.185.216.10
213.155.156.168
23.205.235.133
23.206.210.112
23.35.236.201
23.35.237.151
2600:1f13:800:7782:3796:5ca4:dcab:6108
2600:1f18:1430:9001:8e3d:635c:9121:4ea8
2600:1f18:44f0:4864:1a08:46f1:fe35:b27f
2600:9000:20eb:8800:8:2ae1:d740:93a1
2600:9000:21f3:1a00:16:970:b940:93a1
2600:9000:21f3:5e00:11:b309:9100:21
2600:9000:21f3:e00:8:48e:53c0:93a1
2606:4700:20::ac43:490d
2606:4700:4400::ac40:92f1
2606:4700::6810:7aaf
2606:4700::6811:180e
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:26::7
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:830::200d
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a02:2638:1::18
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::21
2a02:2638::b
2a02:2638::c
2a02:26f0:3500:16::215:14a0
2a02:26f0:6c00:2a2::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:b0c0:3:d0::be2:3001
2a03:b0c0:3:f0::1bc:5000
2a04:4e42:200::396
3.124.212.5
3.125.142.177
3.219.226.109
3.68.252.139
34.107.254.252
34.120.133.55
34.120.23.223
34.202.126.101
34.251.246.199
34.96.102.137
35.177.207.2
35.190.14.224
35.204.74.118
35.227.252.103
35.241.9.51
37.157.4.24
37.157.4.41
44.206.165.148
44.208.177.146
51.104.28.77
52.16.190.94
52.17.99.225
52.205.55.37
52.206.146.55
52.206.60.169
52.209.163.202
52.209.85.71
52.223.40.198
52.58.67.250
52.94.223.37
54.209.240.154
54.216.196.145
54.229.34.254
54.247.105.151
54.74.40.111
54.76.141.166
69.173.144.139
69.173.144.165
72.251.249.9
74.125.140.156
006eeb878afe8a8410219843d0fca315b646659fa936d8600126638237cd0eae
00c28990c4d03144ce3d62ebe1820cfedadb8abbb9e62ba7ca1becebd2a5caa3
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01ded8dfd847755899836095dba5f19e905cdcc6cda06d0febecd494050e2b12
023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df
03ab8e8f9ee83be8b7843e3770b49402d08d549901012a98514ef5e0956a2653
03bf0ead33a3596c005751f2277a4b5fe6839d31c82f9e21f5a3da4592a34e96
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
0656c4e86179f368ffb0cf806021ef1869e2a97ed3d1321a25abe0a88aa8d8dd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d20cae4b316519ee893468f185ef3fef779808e608522f500fe0d382c9273a
075f0b96d3f5faf88ceadde797d80b24f65331ed73b6787306aad4823b6c16b8
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
07a0502637cfaf9a94bdb41c7d04a5db8f66e66bd75960a91796117bebb14791
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0c46d3b5218424bc0cb4c868abfc21fbcee6fab184289a77928bce49ac3d5ba8
0ce4a369ba1ff851aeb0f37b0cbc52f2773d24c73b10133fb2b2d0c3d6fc245d
0d09bedcf2c8d8b689b404dae2586fbbc8ccf2fe654bdf333d2f784a17320151
0d1fde69ce84150f72b685ed05424b02f816f70972cba111c261ebc8f810201b
0e50f904b3c461eafe5cf6709d20a4864a28dd9c23380a817d2f36fba17e073b
101e0cf502a6391161b5c36e5d8f5fc1433f1c71cbf460f8a14888f905431291
101e909f5a85b74142f0afd95f59437add2eb4f67f274b9f4ee67ae5484a0a42
11241ea83d7af3e641272f8ce2b1820c0c467a516041320c474d43c73da1035e
129e60ab862f0c31b7abe04765ff4136c37f8de008d4d1ac9b127b9c665992b5
12cb5e02129bb8aa72513880b4a1c14fe3d06a4395500e6d1166263db3a9f8ec
12f54dc02af406e60f482b94ac9a806b4596097073e3afbe876456f4939408b6
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
1378928ad08ba71f5d370a300b56117a3d710bd793a3c8546c1b3726fd5bfec1
13ebfd27d75ec6761b816d26d30071388b64fec1207a5f7ef8f1867f7312fa5d
148e13f7ffee46391cbdd053f322ce5c3301ff122f0df8f0181eeb8b37a704a0
15010aaf65ff11ab726c1114434ae8c6636ee332cd68613f969eccf8ce968380
152b4686b835e46fa906c498a2ed5a1295b97bb5cf96d929c9dc9ef4a4afe28e
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
16ea1e0652bfd825ccf0917b5121ae28fbe39c33ad983123af3ae0811a4e97b3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18546cdcabfb25ad6dd3b63049c95b5572adc2167f18a0f8142073c801d66cb0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1885092395a50d1321421909b401618d05c62f43c4a25a17424c6e92dc9c281f
1a0c5ce8fcb2aea6f42405c5b2eed6b716ffe85c31e21eed7a1267e8c92d2c80
1b115eded3cbf42d9eaeb7eb93245610cf4405958b26131528dd8e3f3d4aa7a3
1c08be27d412702c743e960e83e8816562c718a2069b42653aea9c235da00c08
1c2cf3c28b4ca6850e001ad4db41d69f195854dd6b76e53be9b79280e2955d37
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ed310b9eefdbb8f2b7d2eb239db0a5eefb5dd7662aad685622a9833e89dcd18
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
237a90f3a06b5a034ab8716f6c5ecb54d973748ca969933af09b3997e4f1c75d
23b321ec8412a7f5f088ae9c776e4720083084fdbf532e08747585c65dfa37e9
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
26398ab3ded79ac994fe64b7e76669a5ce986d00c23b86808fb59ed826c4e48c
272120730785a4a23180641da1d6d59087cebf1f6f7786fca7e7b54f63d47df9
279c4df155f89966fca6acdb7d792d4133564119cbc035abfbc6cad85b4445d4
285fda095be94d61c83cc1751d34491a83b2c4c524b7d02a382d893d5d3e2ef5
2a53f5aa7aeb6a6604f0f76118b575bca4f1ee489fe84f2d996d2b32499552ec
2d12a793e16810312243c3f04a1d0eb87ba29436acfc0a047bc12068ae1cedad
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0cb7a84bf231beb42be41189676f3af575bcb048e330694a47d71e34c4c306
2f1c454245f6b88cd1b68985b0da1da07b13724f93e8a8b00277ead790b6c8a9
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
30563f133035e7ef6c38c2cf741e13fa80e2e7d6fd7eaa2947edfa8b430d0e62
30fff6666a0496c6190896f9989c8a4d77eed8d1e8f0255b379285c6af8c381c
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32489124c2ef6322d3bb70fce9bf0f839bc58a0466072a6334b939a10aa7b0a9
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
32a8aff6dcd76841b565d01c7e239bc7a72df294dc91c1350e356314b1eba025
33b6cdd4029dec60edf07301ff36d5bdc1ec9579701d5e5d0315f8544d2a7a88
34e395eaf1bfcc27f23912f3b3c0d0acc08cc13ebf3f404efbab7e786da1af66
365e95ef61d9bc80df89e7c6cc83618223cd064b9607dded49f758c7aad556a4
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3be8db3fc54e689b718a5ca13c25305cc400b9519f96193225d19c44da5f62f5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ed44361ecf8a46e0a3a35ca60e0369a8017666f0f8560f84d3abdac423ddb30
3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04
3f8c7ed315896ae1847b5e4394989c4bfb01af9354374a4775eed1372aa52732
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405538e42992c36b10c8c935cb9ecb031d9384c99020345bcda5bd521794014d
422f48fa9ad1a83aa448ef95294651506f8f748d1d107f8ce30921f1f6db4126
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94
4621e026330d3cb44a6be034f0cd70fb703a0374167136f1708693eb78732a61
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
476417c2fc7c2314165b262cf3a6fa1558674940c56f61e6681da8ccc7d75459
47c463c69b819f261745d592cb09fd9e802a14d13aca70062094f1c990a15cdf
48c5dfd792fde615467e3b1789f973eee607b6c98718d9338ba91f5f14606d38
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4946a7745ca266b91b98ad23d01ac326bcf650d7e7cf8eef0987131218cace10
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a0e6c21a566da04d19820a70949adcafb29a24e5141a31e45ae2b2c06c6237b
4a16b2963bc88cc2246193aa113872387b39b796b9cf4a9a1e0b4d02f87814fc
4ab4cdadd1169ec1d5c86950152805681a01488aad6f25ac0fe7168ba687adad
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1a8a022dbe001d4ee48cdef236a39f36b948116a0bf0ce58885595a21da282
4efb7c89f8de72e8351578a6cc851271e73738acd5d74abd24c3d84ead589c20
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
54c3ac74e2869bfa1721e15828f9695fdc59821644bf7cad6993ae17bd818574
54ff48664abbfa772f64464a61503da8f883d1693a5aa12b03a42f501b3bd50f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
570a0988755ed679ee57c73669c72ce35925d151760b3da59adee3b57430defd
576dcb8b29d526aa67d004a12d9c59284c285b63f27a5fc3c208208630030dc8
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d3e84ce928ca29ac6e37922d62d6b9423862506ca7bd4bdc71d96454927c86
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
640c18566ee861883c41bfb49146c6fb048008b7281bc839040b2c64377c1356
64432269790b75b1159ec0211eaeb3584c288a71ba667d88462c32085f0848fd
649cffc7be27b75904c93769d7355583eb2513428adb5ed51173d6b2170c9d2d
64a63d7b1f8accdb07e04ec95f4cd972f6226e2911b66e8f906802cc1541dd1f
64aa9f492840eeafcbb65a7d47f7027ad0a0e785f0a33a7ef1b207b41f0336ea
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
663679bdd35df75aca06e52a2c8f97b2a580f9640c1f2ca50bc3a385c3dcbb47
66af53f8ed114c754912049efd31ee3e35b9ee0dc8728a12a26a0352fe37336f
6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9
67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be
68ae8509ef1db2e07b444696b2d8c6c9cc827bdf283bf805657172a6f0627378
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc0a443d4241e83595373a2e54ee7352f9eef56b623ffe61d38444a1f9bc18a
6bff897e85e41773fff1825d4263820292c1922637de90cc8aa9321b11d2d509
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6e073cf26f3d82f4816a5a6b38801e590a33c4c8ad8044cc9d7ebd37b6eabaae
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7032061102d3cf3346fd0d274eebfebb9dff0b455b1482f2e46876cd697b3b7f
70cb2143d9e036cdcd3c92e47fc97f4908841213e55fcb327f3c3012558090eb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76714a895f3d56d8cb782e514f0c835c5a589c2d26ca226981a15a8ff4fb7a53
777fcbfbc63735a8bdd6767d61825d7f1434a307fbe198c9d36df00e135330f8
79af2a4f83ffb4de287d2dc876bcd08865dbed6d0e70a9bd52f45a421c23e555
7a2085713d2ed3beb4ff428410dd16fcfec460802934a2fb0a66428ec8baad06
7b40fa21db9eef3695697e01e84359b8021919dabb16589b4e425ba8d496c457
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7d7c0185e463c86c25475d524ebf61b2b94948cadacf3a6d0e6d33ed436b547d
7e35fa568923155da5979d49969feade0028e96fd3ccfa3454dd65c16e257c92
7f0a7325777df11bc98290a853c94e5dbfb3a1f15ec7fbf8ae6c70b353c5810a
7f1e737642103fc85b4df4c2c792f03541a20ff20e22253653d5e577a3ea9c1f
8091ae86774f3b97e248df989c02290d7028ac493630a97ad509e61abd5f6eb4
822ebeed4c3acf180cf98318ea3bbde5ff0743badc21cd6b5adc55dc9de9dec3
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8296bd87355ec1b07efa5b01bddc162a77fd7986b99f13cde1a3a93803ef9f75
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52
87756355c9c06dbff07ca70a57a7d5c7b1764ba03b62d445e5a4e549971359e7
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe1eed906249930e566a570798b42f30a0ce505843ac3c5fd5d57c1019cc8e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8accd7807108b834c2cecc91c6255b458aead6eddf3a4fe7566dd356df0b97a3
8b57f50c73ddd7561d0668290fc9de2b254ec27383509c8bb7dc8469dfcee63a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90e37f96c62c49f9d4f5c380a3c6dc781f016db921aa65dfb217536bad69254d
90f457fa8d1bf8fc9b7dec794f96ea40b25f003d800b7330be483382d5fd017a
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
92262a651902ccf476136e64d9fe365d8c50be8bcd8aaac3407df96bcb2482e1
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
94680d652055cda9bed2dac22350e1622baa86878eebec689fd1f3325142e5ec
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
958424403f117961c3f1a59e83d24953eb19e7c994b4517989ee100b0ae53c7f
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
979c931ca5e8259497e7766f65f6ac1f4b3bc3db28e372c1fcb91d3282a86ce1
979f096020a491482bbf7f3f772dc9d7836f16b1e01429bd1cde09a5d9229586
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
993110b176f737529ed49b8e4486bc15f0fd5219f632101b7c37f322bb8e532a
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
9bbda85c97b47c9ce30f86e0f615beabcbc13dfdfc940adde3ce28605ed5ccb6
9be56ae32ed3b23a83fee4cdbbcb1709dbf91f7839076499f8ba1becdb59e87b
9c56f990629a1da174cfc03f36c92ddd58961ddb00f1de3b07ba1913f73a6e93
9e3534d987a90a565c0b7e86c571fa8d6d2f3cebfa4540ed2fddecd8a4647560
9eb57e5681a18447f92f6af08e4fd435589ae40b1be32c6b3d15bc3e7db2852e
9f42e33ec22e0abf3ac5956ce22adf9a5340ce0f46b350ce33b9c5b8ab8e3c6a
a0b3da9b212b7fddef47ff1fd9cf15da6bbad5ca97c4a37e829170856d834853
a0c908578614e6d1e6b54080436d42d84645bb8117d4c1475a9cd76864d7a2e1
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a2708bda4c13c3e0df7ebcc3fced7e1e47df5d74695d908412cd69abeeb4739f
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3a77130af1d9e9c93dcebc6589f7087b3a4d4d95927fce9aba83d306b473ff8
a454c37699f4c97fb7f986bc176e9b4563e6260b010bd9818cd696633f01baa8
a48306e9081077ef3dbd91297bacbe423ed479cbd284fba7e7952ea35a50bb30
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56256abd37201dd165bd8c1f26aecdcc5997a43b2e99c5db802c1c3ffd1c2eb
a5bed1ceff369bc938c0d237be1f37f7c8215e53cc31fba769b1aff7cb4b9832
a605aec959dfc10aa9d50b22668653b7674bc031458f1eb202f7eddc0520605a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88716b2e48961b771017aef83ad9bdacb13a354dc0b09c62b880e7a2f72d9c6
a9d7befd25aed6e8003d9de5f1447fd051a4d2ef5bed881de45bbc3cefaf606e
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
a9ef33c83acd2a7c006bcddc4e0473e9fefb5bdc56ca5bb36c92c906341ef293
aa469f55d27629220ae49c3ac0f34fd90e2cd4ea8ddfc5b334273d2396cfd049
ab7fdf3c9127d12eafda788c947f6e0e9d6d7276b5df6b971b14d87b2f70c74f
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd01dce23abc93e39fba172ec383983448699bdd3d04892a3747cfffbdfb1ab
ad5fc1a1f2e9f61750da7c5f657b4555458014b20726b06d78d3d2c1e60ee392
adbaa543f06710de943b33269ab77ec596301e20bbb158e356bde8c8c901d66b
adf4a7ef4e7dedcbcacd0dba7dd2cdff51f09f6add450cbe42936bdbd8591b2d
aecbdd026bcdd66647f0f25b1655cdd08252eaef059d6a2242efdb781aa121fd
afa2d43bc5235e019048bf8eeb242859a5beff1fa165621f8deaa6385b799951
b0555cc20f3dfc960d0c8f3cdb224727b07a7d95e3fb2832550721c7634708fc
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b1404a29e9637a450a7d52116425d9d0a36f0d56f0fe41fb4bcfe172cc739a1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ab2a507e5548851a01f55b30ef7403e0ae2eaffedd20e0b23e3b7bdc2dc92a
b2ab331288897ed4c8f539dae2b2b9b452ccca730ca25774b39178e8369365b5
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5ee1f823a5b57157bf1e9e88ca7b16553d85128b73acd7f92c7b3147c24dcd1
b7390c143fb117e2e8ba657c53c338b8901d466c14b6ade0a136d70ed046a6ea
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b915d3a7813f6a53e5b8c0b1ea8076c1b5dc0e023e5c3717b1203755c7a03ff5
bc2b5bddcf1a22673c3dca50357eb75f0767e259dae969fa3fcf2770d9b764d6
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bcb5373062af32e61b428c7760f6bf45f0c0c8ad7f115b707fa0046e4f2b3a44
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
bd7c76c649d5516810b9f8ec8680bc31d20014124f58517b241e6c208ad760a0
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
bf5583ae55e3a6a77b3f6c9e6d5648a2698c18fbc33e589c008a232c5721906e
c186fd0a9017e1bec987d2f06eb0028e4a91e7166eb181b526f64d4a8ce03b90
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a10d3c3f51ffe99ee749f3c52c4aeb135841a0a90cfcf6a9c9070de9c61f16
c3d62b3a579e3f0389a5b959dcd3fd909d442402459f54db7d96fbdd96655436
c5e4850c25ebf482fe92bca0d7d6fe1b42438a2656c275d7ff918596c9da6072
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c8832885dd9e9e1d5594dd7818f699d89e51eaa6c010bfc7a0af647ae07831f5
c8933b2a983b476d3d98650c2f6e4027b6be6de298ed5fadc8420658a972d29d
c966bc52e11f4f40bc97f691c1a720a8e0b3a0ad0942f89d3cd22ef7e7d0dbf0
c9b1b60288569b0da753c8ddd5b2d63785aa2cfdb29e8a7899123b38d12bd194
c9d29a3416619ea2d17e58aea9851733f7564756316c0c0866ed361ef1e3fe12
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
ca3fb7dccdcc10b583431c703833c2616288b6bffa58adc61b35c688163c9b47
cba81a9533aa75d40a3cc02973ee69e96a89d383d271cbc2b53c1a7ecf0702ed
cbd3b236787e600b9480b9eecee4c67c339fd4654e31b82188fcbe148ac3a381
cc6529e585ff0071885efee9c77da4fa34a7d83313f66f4a0841a5d5130f9cbe
cdae3c6e7a64f9edc7f5a3891428c6082f7b08328d5133ce9f6fcda6f9536f7c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0493ff5fb61c24be19663e94056b79abe44db03363f132cf1d7a9ce048247ca
d0a1f76723f7d8b0b92c628af386c0edc9ff33055ffcb812e33c6532cddb2cb0
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2a9c17fae0a6e3fde4571b86838f25c42312203d5c5c5acdbbfd36e97e36f78
d3dfadf23f35223746c2d4993897988319731b6371ec51805489f1481f15ba95
d4bafd6b3ada6883c7da71cb836a0e944b47338da0f52e9f5a65c5a16f533175
d83f535ee31b4e368700e1252f8876bf7cd65e3171a441694dfd5c201e00056b
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d8a6e057cd5dcd0a103239a57d95232f6b0e242609b1495ec981730e5a9dcca1
d8c392f8bc86d949f9eb29f44503d225b3914fde5d46fd43f8369af0f0e41295
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
da36a515f178882982b5a6f31b13d35338b0e146b38e2562cdbd6a763e6302aa
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daec2c5ac8175cc3c9743f4342b44071d271452ca4d548d57c069cc46bf8cbec
db8d1c57a875df10881301b0dee91182e2ad4134cefa3f5957025657953ba793
dd7c9c756f61ed3d8e15a9e2a0d8a37ce2f73e5ec5e0b81b925d77150bc25a62
de0acfdc3e86b8f679ef49d8b39747699233dcb3916df1362be590728ae244dc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de81d73ff3e832a8a085cfa2ed7ab92170cb2fde25cc4f5eacbdb95ffe57813a
de8aebbd152b4ad77cf9e6ed93393bf04cca6304e0107adbd8cc1db05235551f
df0058c3af6569aacf1c15401e9607ac797013d89d45876c86c817cd426d2793
dffc82ec60b089ae975011a3e4b11a58fcd8897baeeada086fa3e241bf132419
e1ba2f9406f04e29021cefec3f0bc0fd1e63146ea6b1f69dbdff6eb935a7f197
e2298ae007bc0362f0f15a20795bbc10e90fd81b476c39022507fcb2754fe4d4
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e32ebe58a8095b5b11fd98d378d052061b1ea557e791b24b9f1dc2a9a96bcb8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422d82de735426399a8d0dd47ef65d3e19a70abab664445b60e951009841a58
e4e144d0f7e3340b6b86f7a78d2ff3e271e62ef5367ebf3d62e364a2e1d8a095
e5cf17e004a172d469b4420142e8ced5c0c058c85e8adee76f00c0074d3e2447
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
e9761f3609acf182f7b0df58bc02e9f631161a1555e830d9b8b8afbaafeec889
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed5545fe3ebe0e3a9956d708e8546fc9d6e8b6e3bc8fdc23c9f740bcbebf82eb
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
eeb0699c78d59c010277b0e15346b23ca8253cc9daccfc5be3cd22e7b068ba2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9954f9efaeb921c0507502acc686a052c11ed61a6fdd9f6100f7b68ef3151f
efbe55218f8ee658d6070708983f4f79bdae8dac24d058c2557cb806774a3c3d
f1031fe37ddf6e2dea43b692a085d3d13834d19476232256838682df634bf314
f10b37ef542ceadc01a0ab2582ecb8ca359a1851fbb0d1c2f58f26bbcff915bd
f13e3e49f7b33a78cc96b034a28385ee1e50eb8af5d3d65fbe710bf29adcbefa
f1d7f44882e5fd7ab03dac44edf1a66d949d898e0256a72cf85b1d2766470e35
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
f4afbc0d323ef425664f3371b1e560662704b13db5c492cc1a5d21db74e95524
f53d2b946d632342cb88f35d1cd810f991c7e80f7a363310464af73132235e77
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6e604803e7caf1d840778dad7d901e3127c52e197ff9da8b4f96ebd5a61f18f
f717b813543dbf43eed2e072a4aaa2eda4ef6f6fdaed98a1c30e4c4807acfde5
f7579d67877657e1b6c84fec4cbb98b9f2507976928b9a199b47b5a6eb5fbdf1
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f886b46849a7acb07f0e9e309160afad90d3e743fdfb91b24bf4e0b7f2c969cc
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fe61d7c581a900910fce48ac57c1fa550d65f7efb86634c792b163c9c1d34b5f
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48