www.thestar.com Open in urlscan Pro
143.204.98.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On May 06 via manual (May 6th 2022, 10:40:07 am UTC) from US — Scanned from DE

Summary HTTP 334 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 84 IPs in 9 countries across 67 domains to perform 334 HTTP transactions. The main IP is 143.204.98.39, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 71263.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 20th 2021. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	143.204.98.125 143.204.98.125	16509 (AMAZON-02) (AMAZON-02)
2 66	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	143.204.98.19 143.204.98.19	16509 (AMAZON-02) (AMAZON-02)
11	143.204.98.50 143.204.98.50	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
2	52.206.166.185 52.206.166.185	14618 (AMAZON-AES) (AMAZON-AES)
1	129.213.193.172 129.213.193.172	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 3	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
7	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
1	18.170.16.189 18.170.16.189	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.22 143.204.101.22	16509 (AMAZON-02) (AMAZON-02)
7	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
4	143.204.98.81 143.204.98.81	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.89 143.204.101.89	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.50 143.204.101.50	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
3	52.139.4.139 52.139.4.139	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	34.253.74.200 34.253.74.200	16509 (AMAZON-02) (AMAZON-02)
1	143.204.103.127 143.204.103.127	16509 (AMAZON-02) (AMAZON-02)
20	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	108.128.0.238 108.128.0.238	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	63.32.153.188 63.32.153.188	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:350... 2a02:26f0:3500:14::1724:a247	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
13	34.241.134.108 34.241.134.108	16509 (AMAZON-02) (AMAZON-02)
9	2a02:26f0:350... 2a02:26f0:3500:14::1724:a259	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	143.204.98.6 143.204.98.6	16509 (AMAZON-02) (AMAZON-02)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:350... 2a02:26f0:3500:14::1724:a258	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dcd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	3.94.162.19 3.94.162.19	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:350... 2a02:26f0:3500:89a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	52.16.238.87 52.16.238.87	16509 (AMAZON-02) (AMAZON-02)
4 4	54.171.245.89 54.171.245.89	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
2 2	3.70.86.14 3.70.86.14	16509 (AMAZON-02) (AMAZON-02)
2 2	34.243.37.252 34.243.37.252	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.162.133 3.122.162.133	16509 (AMAZON-02) (AMAZON-02)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.82.242.209 192.82.242.209	() ()
1 2	37.157.3.29 37.157.3.29	() ()
1 1	151.101.194.49 151.101.194.49	() ()
3	185.64.190.80 185.64.190.80	() ()
4 4	142.250.185.194 142.250.185.194	() ()
1	185.86.139.113 185.86.139.113	() ()
2 2	216.200.232.249 216.200.232.249	() ()
1	35.244.174.68 35.244.174.68	() ()
2	185.64.190.81 185.64.190.81	() ()
2	185.64.189.110 185.64.189.110	() ()
1	169.50.137.184 169.50.137.184	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1	2a05:d018:d29... 2a05:d018:d29:3602:d584:42d3:abd8:529d	() ()
2 2	3.126.56.137 3.126.56.137	() ()
334	84

1 143.204.98.125 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net

thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 143.204.98.39 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-19.fra50.r.cloudfront.net

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.98.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-50.fra50.r.cloudfront.net

e377.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.188.157 (Munich, Germany) 1 redirects

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.166.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-166-185.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.213.193.172 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.170.16.189 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-16-189.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-22.fra50.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.247 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-81.fra50.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-89.fra50.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-50.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.139.4.139 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

data.ontario.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.74.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-74-200.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-127.fra50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.0.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-0-238.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.153.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-153-188.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:14::1724:a247 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.241.134.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:14::1724:a259 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-6.fra50.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a7b03a2c8dad49321da9128d5bd0bc2b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:14::1724:a258 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dcd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.94.162.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-162-19.compute-1.amazonaws.com

hetbxw.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:89a::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.238.87 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-238-87.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.171.245.89 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-245-89.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.70.86.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-86-14.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.37.252 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-37-252.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.162.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-162-133.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.82.242.209 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (None, ) 1 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (None, ) 4 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.113 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.249 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:d584:42d3:abd8:529d (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	thestar.com 3 redirects thestar.com — Cisco Umbrella Rank: 53913 www.thestar.com — Cisco Umbrella Rank: 71263 e377.thestar.com — Cisco Umbrella Rank: 338529 images.thestar.com — Cisco Umbrella Rank: 157220 resources.thestar.com — Cisco Umbrella Rank: 205041 misc.thestar.com — Cisco Umbrella Rank: 907039 s.thestar.com — Cisco Umbrella Rank: 388463 api.thestar.com — Cisco Umbrella Rank: 398016 hetbxw.thestar.com	2 MB
24	sportradar.com widgets.media.sportradar.com — Cisco Umbrella Rank: 84672 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 140043 img.sportradar.com — Cisco Umbrella Rank: 49965	708 KB
21	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 15249 query.petametrics.com — Cisco Umbrella Rank: 16835	67 KB
17	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 246 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 526074 cm.g.doubleclick.net	223 KB
16	googlesyndication.com a7b03a2c8dad49321da9128d5bd0bc2b.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	102 KB
16	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 52959 elb.the-ozone-project.com — Cisco Umbrella Rank: 10378	92 KB
10	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 655 image6.pubmatic.com simage2.pubmatic.com image4.pubmatic.com image2.pubmatic.com	26 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 316	223 KB
9	moatads.com sejs.moatads.com — Cisco Umbrella Rank: 8611 mb.moatads.com — Cisco Umbrella Rank: 848 z.moatads.com — Cisco Umbrella Rank: 523 px.moatads.com — Cisco Umbrella Rank: 579	146 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	2 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	414 KB
7	permutive.com api.permutive.com — Cisco Umbrella Rank: 2259	894 B
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 67758	26 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5764	110 KB
4	bidr.io 4 redirects match.prod.bidr.io — Cisco Umbrella Rank: 783	2 KB
4	clarity.ms 1 redirects k.clarity.ms — Cisco Umbrella Rank: 4103 c.clarity.ms — Cisco Umbrella Rank: 926	24 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 899 www.linkedin.com — Cisco Umbrella Rank: 787 px4.ads.linkedin.com — Cisco Umbrella Rank: 4880	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 605 c.bing.com — Cisco Umbrella Rank: 379	13 KB
4	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 695 as-sec.casalemedia.com — Cisco Umbrella Rank: 1908 ssum.casalemedia.com — Cisco Umbrella Rank: 1860	2 KB
4	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3495 p1.parsely.com — Cisco Umbrella Rank: 2820	26 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 375	40 KB
4	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 887 analytics.twitter.com — Cisco Umbrella Rank: 800	685 B
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	adform.net 1 redirects cm.adform.net — Cisco Umbrella Rank: 2730 c1.adform.net	1 KB
3	gstatic.com fonts.gstatic.com	88 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 283 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 244028	5 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 447	918 B
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1250	2 KB
3	ontario.ca data.ontario.ca	101 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 213	2 KB
3	t.co t.co — Cisco Umbrella Rank: 563	540 B
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 326	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	2 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 4174	1001 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 405	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 590	808 B
2	360yield.com 2 redirects ad2.360yield.com — Cisco Umbrella Rank: 24031	680 B
2	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 3244 rtb-csync.smartadserver.com	499 B
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 999	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 987	19 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	427 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 5351 www.google.de — Cisco Umbrella Rank: 3632	1 KB
2	everesttech.net 2 redirects cm.everesttech.net — Cisco Umbrella Rank: 1413 sync-tm.everesttech.net	801 B
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1038 idsync.rlcdn.com	458 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	169 KB
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 345435	2 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 963	19 KB
1	turn.com 1 redirects ad.turn.com	518 B
1	simpli.fi um.simpli.fi	612 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 945	259 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 478	239 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2213	350 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 881	277 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1965	157 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1589	3 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1823	7 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	28 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1014	39 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 113966	789 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 284179	394 B
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 233332	543 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 221350	143 KB
0	districtm.io Failed dmx.districtm.io Failed
334	67

	Domain	Requested by
53	www.thestar.com	2 redirects www.thestar.com
20	query.petametrics.com	www.thestar.com
13	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com ads.pubmatic.com
13	images.thestar.com	www.thestar.com
11	e377.thestar.com	www.thestar.com e377.thestar.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.thestar.com
9	uswidgets.fn.sportradar.com	widgets.media.sportradar.com
8	img.sportradar.com	www.thestar.com
8	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
8	resources.thestar.com	www.thestar.com resources.thestar.com
7	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
7	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
6	www.google.com	2 redirects tpc.googlesyndication.com www.thestar.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com
6	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	px.moatads.com	www.thestar.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.thestar.com
4	cm.g.doubleclick.net	4 redirects
4	match.prod.bidr.io	4 redirects
4	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
4	misc.thestar.com	www.thestar.com misc.thestar.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	googleads.g.doubleclick.net	www.thestar.com www.googleadservices.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	p1.parsely.com	cdn.parsely.com www.thestar.com
3	fonts.gstatic.com	fonts.googleapis.com
3	match.adsrvr.org	js-sec.indexww.com ads.pubmatic.com
3	unpkg.com	2 redirects www.thestar.com
3	data.ontario.ca	misc.thestar.com
3	sb.scorecardresearch.com	1 redirects www.thestar.com
3	t.co	www.thestar.com
3	analytics.twitter.com	www.thestar.com
3	ib.adnxs.com	2 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
3	fonts.googleapis.com	www.thestar.com misc.thestar.com client
2	ups.analytics.yahoo.com	2 redirects
2	image2.pubmatic.com	ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	ads.pubmatic.com	elb.the-ozone-project.com ads.pubmatic.com
2	ads.avct.cloud	2 redirects
2	x.bidswitch.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ad2.360yield.com	2 redirects
2	ct.pinterest.com	s.pinimg.com
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	www.facebook.com
2	hetbxw.thestar.com	connect.facebook.net
2	c.clarity.ms	1 redirects
2	k.clarity.ms	bat.bing.com k.clarity.ms
2	px.ads.linkedin.com	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net 10230056.fls.doubleclick.net
2	api.thestar.com	www.thestar.com
2	s.thestar.com	resources.thestar.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	connect.facebook.net	www.thestar.com connect.facebook.net
2	z.moatads.com	sejs.moatads.com www.thestar.com
2	torstar.blueconic.net	e377.thestar.com
2	static.ads-twitter.com	www.thestar.com www.googletagmanager.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	idsync.rlcdn.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	sync-tm.everesttech.net	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	match.sharethrough.com	1 redirects
1	cm.adform.net
1	pixel.rubiconproject.com
1	rtb.openx.net
1	ap.lijit.com
1	ssbsync-global.smartadserver.com	1 redirects
1	www.google.de
1	www.googleadservices.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	alb.reddit.com
1	ad.doubleclick.net	www.thestar.com
1	snap.licdn.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	a7b03a2c8dad49321da9128d5bd0bc2b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	js-sec.indexww.com
1	www.googletagservices.com	www.thestar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	api.rlcdn.com	js-sec.indexww.com
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	js-sec.indexww.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	mb.moatads.com	sejs.moatads.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	torstar.gscontxt.net	www.thestar.com
1	platform.twitter.com	1 redirects
1	sejs.moatads.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
1	thestar.com	1 redirects
0	dmx.districtm.io Failed
334	112

This site contains links to these domains. Also see Links.

Domain
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2021-09-20` - `2022-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.the-ozone-project.com Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
bc.niagarafallsreview.ca Amazon	`2022-02-28` - `2023-03-29`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.blueconic.net Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.prmutv.co R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2022-03-17` - `2023-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-12` - `2022-05-13`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdn.liftigniter.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
data.ontario.ca Entrust Certification Authority - L1K	`2021-10-01` - `2022-10-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.liftigniter.com R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2021-11-16` - `2022-12-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-20` - `2022-08-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
widgets.media.sportradar.com R3	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.ozpr.net Amazon	`2021-06-07` - `2022-07-06`	a year	crt.sh
fn.sportradar.com R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
img.sportradar.com R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
Kubernetes Ingress Controller Fake Certificate Kubernetes Ingress Controller Fake Certificate	`2022-05-05` - `2023-05-05`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: E2E657CB34D7917C6F2D252002D856D3
Requests: 252 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 6CFD9BE0672E11A3CB2397BD70015910
Requests: 1 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Frame ID: 0A043F950F9039C597FBD1FE41D6438F
Requests: 9 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: AF22AEB4DE4BBAAE295006E7C7B62B87
Requests: 1 HTTP requests in this frame

Frame: https://a7b03a2c8dad49321da9128d5bd0bc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1F77AF2087DBAC085CEA8206997D2606
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63EC537241F6A41BDD4793CAAA864789
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E2CDBAA4A13509F8DAE890886E84B03D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 8650A64D22223EC379F2ADC4BC16F164
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 9B4A7970B01AB90FF1189FF1174F3DE3
Requests: 12 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: 443A98C24AA72EAF68897B7996F89C9D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A81B69B0A01DE1A9EBE2237128579C65
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=937a3e75-e203-420a-aa79-413aae58f494&publisherId=TKN100000001&siteId=4204204311&cb=1651833600060&bidder=ozone
Frame ID: 5AFD64EF47E62F7CACA5670DBBE894FB
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: F152E47043FAE53C2611182CB5A427A7
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1D64D11-8630-4ED4-8E3C-282783DB77B7
Frame ID: 37D7C8A28F7F0C7CED34B1FF1C03AB76
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnT6-gAAAE86iQP0&gdpr=0&gdpr_consent=
Frame ID: D8E807ACCB111BFDB55AD354FE317B52
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADc_E7E6fYAAEBOACam2Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 4D3335849EC1F9F826D675BAB132E18A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:17996274-fb06-4700-89a7-d7463b930d50&gdpr=0&gdpr_consent=
Frame ID: 8B909E0FF241249571A0C669D90DBE8E
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=E1D64D11-8630-4ED4-8E3C-282783DB77B7
Frame ID: 806C26421DEEDB711931574E942DFEB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

thestar.com | The Star | Canada's largest daily

Page URL History Show full URLs

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

334
Requests

91 %
HTTPS

28 %
IPv6

67
Domains

112
Subdomains

84
IPs

9
Countries

5346 kB
Transfer

19087 kB
Size

94
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 79

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.4 HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Request Chain 86

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1651833598277&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1651833598277&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=

Request Chain 96

https://cm.everesttech.net/cm/dd?d_uuid=09910530027794767193178650178577518364 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnT6-gAAAE86iQP0

Request Chain 153

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 226

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651833600581&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1651833600581%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651833600581&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651833600581&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQK7EFCpEiw7ZQAAAYCY9HzwwIorWXVXb89lXv2BbxG_BRP-JvaQUz6JgAczbNntYTrK0tSZD3rsS4T0yRsik3z_STo7HA

Request Chain 238

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=137FCCF7A8C84786AC0D44064A44790A&RedC=c.clarity.ms&MXFR=0ADB6583F4E0666C3F91741FF0E068DD HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=137FCCF7A8C84786AC0D44064A44790A&MUID=252C27BABACC62E004FC3626BBA763E5

Request Chain 262

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 263

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 281

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 296

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=9036307283508822255

Request Chain 297

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=095934ee-a72b-4ae5-8318-c8ca6d452a29

Request Chain 300

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADc_E7E6fYAAEBOACam2Q

Request Chain 305

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2691922455373168941717

Request Chain 307

https://ssum.casalemedia.com/usermatchredir?s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=189937&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YnT7BJ1gPRk.onDjCMSdaQAA%261174

Request Chain 310

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_privacy}} HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_privacy}} HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=582c53a0-7554-4e06-baa5-97b975455643

Request Chain 311

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=45bdfe3b-7af7-485d-9cd5-baa0f6b1f08c

Request Chain 312

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=edbbe365-ffdb-4c3e-af76-4101e45a10bc

Request Chain 317

https://c1.adform.net/serving/cookie/match?party=14&cid=E1D64D11-8630-4ED4-8E3C-282783DB77B7 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1D64D11-8630-4ED4-8E3C-282783DB77B7

Request Chain 318

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnT6-gAAAE86iQP0&gdpr=0&gdpr_consent=

Request Chain 319

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEY19FN0U2ZllBQUVCT0FDYW0yUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADc_E7E6fYAAEBOACam2Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 320

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:17996274-fb06-4700-89a7-d7463b930d50&gdpr=0&gdpr_consent=

Request Chain 322

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4dZNEYYwTtSOPCgng9t3tw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 324

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8ed56274-fb06-4e00-b3b3-edb64bd818c6

Request Chain 325

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTFENjREMTEtODYzMC00RUQ0LThFM0MtMjgyNzgzREI3N0I3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 326

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE_BfaVzVjZB7u3KtSlPYnE&google_cver=1

Request Chain 328

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2722231321511311565&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 331

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E1D64D11-8630-4ED4-8E3C-282783DB77B7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E1D64D11-8630-4ED4-8E3C-282783DB77B7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jlFhwFFE2uWW88230QSMtckDehXqvJg-~A&gdpr=0&gdpr_consent=

Request Chain 332

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5724650576547633571

334 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

422 KB
80 KB

22ms
22ms

Document
text/html

143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d71893b34091dfec81a05d4afabd5d565aa836e491a5d333865b8136c56a08b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://amp.thestar.com
age: 10
cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 06 May 2022 10:39:46 GMT
etag: W/"6989f-80gaJjQYV9sE0NC7ibga6mq9ozI"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
vary: Accept-Encoding
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-id: jxvov5h4Blgu62vC6CpZjysWDKQ6pOjpBkb8TEuKglurrRBAiJLuIw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

content-length: 0
date: Fri, 06 May 2022 10:39:56 GMT
location: https://www.thestar.com/?redirect=true
server: CloudFront
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-id: An0DpjTSE6RzGSW4Pmxivn4EHiGUK8I_E69d9J8Fhp1TwOKI5VAVGA==
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6f02ea61b580dd0d3d5fd8b473d8584ab32e741a5a969704928df2d2753a44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:09:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 10:39:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 10:39:57 GMT

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 22ms
20ms Font
font/ttf 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
content-encoding: gzip
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"6028-18094532a80"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tQ8f_8zUh3v8QbuKdw5e-3XDppSCXgpoM8UKUYll16pt7zAH38hIiw==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 26ms
24ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"478c-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: b77K6qnNxv7UAUtuPxigw4WhN3YOulIMIdYxN6gs8zAYsFOoei37Iw==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 24ms
22ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"4764-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ppi0IsqxhqOJTXed-dKpPcSehn8YVQqzsI-cG0fW4GOQ6FoQpMixzg==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 35ms
33ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: cLucd2kQCTZ4w1_7xhBhglBN-TJ7ZVIytM8P5lKQFU8JRCXerJ4hvQ==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 31ms
29ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"4930-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: m9lGgVbXYVfHI-p1DUcIYmM2JCAREO9lsSYhXiz-kHNtDbqXDVre6w==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 33ms
31ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-18094532e68"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 40rDCkYuKP-AGgFUffriEjh-xhaTCLBypKMaY0pZ_-CYFhS6qw1vBA==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 25ms
23ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"d1a0-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Qv1LAzHfY87waNx88toeiub1u73fHlHHCMz-5o53Mn5wCTYFgUPDvQ==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 28ms
26ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: v6t_mkfxtUmDmBtRo2ggQA9PSZuNzIJUXVIHsln26ziFlqRMfZJiEw==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 31ms
30ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"d610-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: pI3tDeb3IcLqhuJtMM4mMitC-OWqUfAqa7s2WuVYxjlTBA96kRDrow==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 36ms
34ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:08 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1369
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"d420-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: AaPZ23a_7eORld-0nrj8-IMQCgo78NxDX_5QX9Ix0pnmx96YrcZ95g==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
2 KB 43ms
8ms Script
application/javascript 143.204.98.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-19.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 06:09:19 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 02:13:55 GMT
server: AmazonS3
age: 16239
etag: W/"47ec15276ab051ddd124dd65b61efb8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Zu1HVlyYLB7CJJphegJ5uaB36zawZl4vRpqRTyeFSexH80pzs4Jjkw==

GET
H2 200 script.js Show response
e377.thestar.com/ 147 KB
42 KB 38ms
10ms Script
text/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

849056f7f6a3149a9f6b288c7847dccc5348347c3c6101be78ddeec1a2df13f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 203
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 42303
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Apr 2022 00:38:21 GMT
server: -
etag: 402c2f3fc850e3b5f3999c76aca4b04f
content-type: text/javascript; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: J2znKl5dPPiDvhfaTMGNXuAf44gRdllCkhVqrQSjUuBoTw3-Kn-PEw==
expires: Fri, 06 May 2022 10:46:34 GMT

GET
H2 200 72.css
www.thestar.com/static/ 8 KB
3 KB 14ms
13ms Stylesheet
text/css 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

221da5b9abab5ff408ee5174a127f762c0fbf4cd9a9bf368e0545b643419d1f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:22:44 GMT
content-encoding: gzip
age: 73033
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 05 May 2022 13:10:57 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"205b-18094584ee8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tsaXBYrzW6cEW65lfTMm-MHJtVNjHeQVYaV6JZ2oc3bRboVAh1BvJw==

GET
H2 200 bundle.css
www.thestar.com/static/ 404 KB
51 KB 13ms
13ms Stylesheet
text/css 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

0e0597c66b4c19f9a2f09795677cb7e5932d373d87b6853c6b474d68f72d0b63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:05:25 GMT
content-encoding: gzip
age: 70472
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 05 May 2022 13:10:57 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"65139-18094584ee8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WdbRjx3_zZbAlsUsCwUjxRiHDAdk742VkbzNA-q2eDLdoZx5QO4EvA==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 494 KB
143 KB 440ms
44ms Script
application/javascript 2606:4700::6812:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a7b0e82ceae32af48313ac4d0bb829d9c805f6060f56648c1f71122e8b180a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 3268
x-guploader-uploadid: ADPycdtVqaoE00CIpTZC9xDxNUyl8RWv2c8SIL7ou9PsUTgGXsPIKRQubhd5WDxZstEnm416y9lZMh5yhpvGvdz7f2D4kaInHKxe
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 03 May 2022 13:30:06 GMT
server: cloudflare
etag: W/"96c74560dd0a6adb620e492f13f393e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=YmTgWQ==, md5=lsdFYN0KattiDkkvE/OT4Q==
x-goog-generation: 1651584606211012
cache-control: public, max-age=900
x-goog-stored-content-length: 149562
cf-ray: 70711850a8a423f7-ZRH
expires: Fri, 06 May 2022 10:54:57 GMT

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/torontoprebidheader623296055317/ 246 KB
85 KB 96ms
53ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5d8e2a45b87836c8fc0b8c319fd2bfaa775a1496e72b08fdf5c13337e1dcc961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:57 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: PQG4DETJRX8H23GD
ETag: "2b2e743dec21817b8854738d32ca34fd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35335
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: K+OjWLs9EHX9aDtzLLXpw2SUuYkmUzJFbZmXVy5zKVbd8V2W3wovTwsxPbumqEqEqEGSSgsCho4=

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
476 B 14ms
13ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:13:20 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1597
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"16-18094532e68"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: b05fB12UEsiXo2i6Jy93_PRmAyYLHAW_4unnDII9-W4AJfkJFcVxKw==

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 24ms
23ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:40 GMT
content-encoding: gzip
age: 1337
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"1df3-18094532e68"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jNEqZpCyzUakNDbdaedym03urIEGd_jLySCgfGrRMKSFU2czUXThEA==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 26ms
25ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:40 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1337
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"24d-18094532e68"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: jPr6PBS9rb7Q282MHnJ3zxrT1jIevn3QCCS1H9JkJKUGhKi27Q553A==

GET
H2 200 logo-thestar.svg
www.thestar.com/assets/svg/ 2 KB
1 KB 21ms
20ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:40 GMT
content-encoding: gzip
age: 1337
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"73e-18094532e68"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KD_LwYyHgMP20fPDTMQq5b5Ud57xgFADw6Q66YqdTDmkJRvshMBn3Q==

GET
H2 200 Salutin_Rick_logo2015.JPG
images.thestar.com/MklXSIdIg8atXiI1OoCNL-34Vv0=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 41ms
9ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/MklXSIdIg8atXiI1OoCNL-34Vv0=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Salutin_Rick_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 497f4fc266b2c67cbcb66c848753751b28ae775e51c45aafe1d136e363c783c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:26:34 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1908803
etag: "10f1ede29e120b5822665dc948ba1ec2e7dc41db"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 2722
x-amz-cf-id: OmKdb0SeNgWk9Z2nMoNI0oA3QM0zfDlkis59oh646oSVY9JjQP_7ag==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Johnston_Chris_logo2021.png
images.thestar.com/68XbrS7CmBuYb33laspwC_EtJW8=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 13 KB
13 KB 10ms
10ms Image
image/png 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/68XbrS7CmBuYb33laspwC_EtJW8=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Johnston_Chris_logo2021.png
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 85bbe8fcfa8b2a0b5ab56a7d2099d0fe94b19d54a86eea118bb42ba9fee7a754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:33:06 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 8813210
etag: "9b76eff6780035a7829d82b0184033d4a51ada44"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 13031
x-amz-cf-id: 1UUxaqp4i3tjm84ZHa4LQgTpRcwcucMYvxcDCd1YrGoOvgfgqT8NoQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Teitel_Emma_logo_2015W.jpg
images.thestar.com/n10n7_WMuQODF0OjwQqn13sf75k=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
3 KB 13ms
13ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/n10n7_WMuQODF0OjwQqn13sf75k=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Teitel_Emma_logo_2015W.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2c1f01202b6774f437737f647c0c53f10e572afaa159ce2f14f05a79ba3e8ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 05:49:25 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 7447832
etag: "b21040ff4dc2f2815c59f9633be281aeb5eefb4a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 2360
x-amz-cf-id: AGZ79onNeFuElZfakqTx7s6qZJp0BW5LHry2Rc-E_ktZ-Lapj3AyoA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Kwong_Evelyn_logo_2015W.jpg
images.thestar.com/9cTc8dDEbaCooIVdrAmOgehpY4g=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 11ms
9ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/9cTc8dDEbaCooIVdrAmOgehpY4g=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Kwong_Evelyn_logo_2015W.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5297f694b4ad4219b3ce0c90252a1ade4d2bfe32d2f40c1e4bd2c891c8829a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 11:44:14 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 28421743
etag: "6adc052f3404542d4a93b70851a2ebc99b969b94"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 2655
x-amz-cf-id: NwJn8kvQlB8Garh59wrIwNEQp26BXuFW0cTrVnfUf9cFR2GT83oIOA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ontario-votes-web-light-version.svg
www.thestar.com/content/dam/thestar/static_images/editorial/ 4 KB
5 KB 189ms
188ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/content/dam/thestar/static_images/editorial/ontario-votes-web-light-version.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 () OpenSSL/1.0.2k-fips Communique/4.3.3 /

Resource Hash

18ee6c158ecdcabd472f582e3c5718be76aa9f1e910aeb355ea1cca99dbac31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 05:13:18 GMT
server: Apache/2.4.53 () OpenSSL/1.0.2k-fips Communique/4.3.3
age: 1229200
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
content-disposition: attachment; filename="ontario-votes-web-light-version.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4215
x-amz-cf-id: HHgzAfqTZvdJmXhitiBRFpb8oaNiJFkqxeqQsUn3WBnmgSsypnGr7A==
expires: Fri, 06 May 2022 10:54:58 GMT

GET
H2 200 brandmark-thestar.svg
www.thestar.com/assets/svg/ 263 B
703 B 24ms
24ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/brandmark-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:41 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1336
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 263
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"107-18094532e68"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: aGsXqJV8Chk6KwTEBRj3x2p7fUK1P_ZdEsOcyeugj9_ftXc3ASAGRw==

GET
H2 200 app-store.svg
www.thestar.com/assets/svg/ 8 KB
4 KB 23ms
19ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/app-store.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:41 GMT
content-encoding: gzip
age: 1336
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"1e63-18094532e68"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kwZmZTzgik2FqcC1N9RnjYu0i392v0y-wu14lz97KWH348rs3O-e2Q==

GET
H2 200 google-play.svg
www.thestar.com/assets/svg/ 10 KB
5 KB 44ms
40ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/google-play.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:41 GMT
content-encoding: gzip
age: 1336
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"2859-18094532e68"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _RE0Bu8BNVHxAYGApOo9PdQt1GSI5z-tpzwg7eR9qKWEV3aQJ4zT1A==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

28 KB
10 KB

45ms
11ms

Script
application/javascript

199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 16:26:14 GMT
etag: "1ce6e12fa6e9b18909e94a06df1ef9cb+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 9561
x-served-by: cache-iad-kiad7000035-IAD, cache-muc13930-MUC

Redirect headers

date: Fri, 06 May 2022 10:39:57 GMT
vary
x-cache: HIT
location: https://static.ads-twitter.com/oct.js
retry-after: 0
accept-ranges: bytes
content-length: 0
tw-cdn: FT
x-served-by: cache-muc13974-MUC

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
563 KB 205ms
202ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

61fe706e3bc5a31dcbe9fe0a1bac7cee42e68cc586d3a6e130eca6a877a5e55a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 05 May 2022 13:10:57 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"201f0b-18094584ee8"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-id: DRfY0muR3vok3EOGEldUnOsJpor_0hyJIRh6RrhOhWd3TVtLEGVKRA==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
232 KB 198ms
195ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=ea1e1734

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

1a56ba8750819bc4d4c0a1a85314cd9191491c6a475508a1fe266b7bec817a7c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 05 May 2022 13:10:57 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"12e341-18094584ee8"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-id: rWOBjKZpUdENhckozNEHUP_Ufcavet16_qHya1AyBhUco9iY5GUsmg==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 203 KB
63 KB 12ms
9ms Script
application/javascript 143.204.98.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-19.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 05:52:26 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 18:26:56 GMT
server: AmazonS3
age: 17272
etag: W/"e08e5a6e68f37184e1c046d32d471d44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: CRGvJV3-TwILv5QcEg_c9YhQLeEIE6BHjO8HTdkZLe6Uo9EuL7IHcg==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 6 KB
2 KB 12ms
9ms Script
application/javascript 143.204.98.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-19.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:14:28 GMT
content-encoding: br
last-modified: Thu, 28 Apr 2022 14:10:53 GMT
server: AmazonS3
age: 69930
etag: W/"c6e67d08c7c4a89b3155020045b68eb1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YZnnRCrTkJgoWYv8L09GYwWsdH80UzBiYHnxk42Yo1RGwDcGSTL8Gg==

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
703 B 340ms
135ms Script
text/javascript 52.206.166.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json305

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.166.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-166-185.compute-1.amazonaws.com

Software

- /

Resource Hash

6c44882a94fdac30f4aa6b38a58a558fd7a34559a15f96b1b0ecf890fad1cdbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 465 B
543 B 1107ms
92ms Script
application/javascript 129.213.193.172
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.213.193.172 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: d4f9083e796201f531aad8e07ae8b7e9fdeb180f395d922700efea2d3e38622e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 465
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 336 KB
73 KB 68ms
18ms Script
text/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 902564d87ddfe92c327260fdd506b03b6d19cd61c9f9c5736e069eba3c7fada9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:32:27 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 10:32:21 GMT
server: AmazonS3
age: 451
etag: W/"ad5dba8b2f63a341b170ddd62e63a43f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 6Wz1YprvlEdCvagbmwhg7zODad7lr_Ah
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: qXvWuErqZWg3m_Vddu4ciwdp3eDrcnIwrHLtdY6OQOBNXHZCkFxcUA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
78 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9b641eaf42ec228170c67a34535ca0bd50625452f951336138ba586425f6f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79614
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 549ms
196ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.33552190287118555
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: bf4d004efe6978f0e4328482894c65dd1570c5a3f16c700bc12d248ac414a183

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
394 B 48ms
17ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 3675786df703ae21e35cf40f2333853f559f132e6d77a89d5b408cecf096c1d7

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
701 B 54ms
13ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:39:57 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 139e11b2-e560-4e56-83f3-5862a6b9cc40
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 187 B
332 B 44ms
18ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: d5bcde338aeba0acd272564af6d9a209e8728793e81841a879f762c8a0d3ddb7

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
via: 1.1 google

GET
BLOB 200
OK 545ef6a3-aafe-4516-bb0d-89d7e7870985
https://www.thestar.com/ 276 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/545ef6a3-aafe-4516-bb0d-89d7e7870985
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3edae030db950a7d5028470f183b4d95c73b3a2516b5928cc71d1246104ec4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 282394

GET
BLOB 200
OK e7e3fb71-0eae-4d61-975c-889b3f0480dd
https://www.thestar.com/ 19 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/e7e3fb71-0eae-4d61-975c-889b3f0480dd
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5b5bccfc284e39d933d47cd28275807dfb7f183d4c1f264c3ae1cce106d66ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 19782

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 41ms
24ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 67427785ce3bfc2ab38c0ea6d6e9d76ae558f66c1133cc6179861df79672df07

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H3 200 track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 22ms
13ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.33552190287118555
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ba4c4b115fb587477d7cb05b1edd8c57aa42ca774f5333ed670b7fffe13a60ef

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 10:07:59 GMT
server: gfra1
etag: "6274f37f-e85"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3717
via: 1.1 google

GET
H3 200 opa-3d1a80cbbc4fdc4472eae80c14d918ad.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 104 KB
27 KB 17ms
9ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.33552190287118555
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 08cffab1dd52321cd190fa23e37cd1483e8a9e19b366fe0e9436a304ab476798

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 10:07:54 GMT
server: gfra1
etag: "6274f37a-6bca"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27594
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 94ms
92ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=DD8A94E101B63295D9B306C6D341B7C67&h=e123d9376196a99423ba2a3d309f901e&r=0.5283098522293994

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:39:57 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 4 KB
4 KB 107ms
34ms Script
text/html 18.170.16.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-bWPkbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-%2BA%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&rx=753304624932&callback=MoatNadoAllJsonpRequest_33880939
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.16.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-16-189.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 06cf31f23dde2f3c20ae661eabcb24df5923c46aa10ba5648037066641c8fe78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "065d4010f62990975d508f80cb38f090876e496e"
content-length: 3854
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 6CFD 1 KB
2 KB 47ms
17ms Document
text/html 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1774
content-length: 1374
content-type: text/html
date: Fri, 06 May 2022 10:39:57 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 57ms
10ms Script
text/javascript 143.204.101.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-22.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 06 May 2022 09:59:54 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
Age: 2431
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: -o3WNbpFlU05pKwuJeS7zCpVviqKQMp6Ppn82VQTXaLslSc_j7_5OQ==

GET
H3 200 vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 221 KB
63 KB 8ms
8ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 91a53c12b18680eefb23ccf8f8ed44349cb9290c06d19c4cd1c7b78c87a2d86d

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 10:07:59 GMT
server: gfra1
etag: "6274f37f-fae1"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64225
via: 1.1 google

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 211ms
23ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:39:57 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK 181778-254412191205210.js Show response
js-sec.indexww.com/ht/p/ 139 KB
39 KB 89ms
17ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aa197bcb62cf22298fdc2bcf8a29d92b47610d7f19ace8bf670873e903bf7ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 10:01:27 GMT
Server: Apache
ETag: "da4b49-22d0e-5de54f121cf5f"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1517
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39753
Expires: Fri, 06 May 2022 11:05:15 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 18ms
16ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 31EA48740775C598
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44367
accept-ranges: bytes
content-length: 54912
x-amz-id-2: 8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=

GET
H2 200 material-icons-base-400-normal.woff2
www.thestar.com/static/assets/ 101 KB
102 KB 23ms
23ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:37:58 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 119
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 103852
last-modified: Thu, 05 May 2022 13:10:57 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"195ac-18094584ee8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: hAefpJ5TB0ysMhvKjkxKl6iXADGfxmQA2EJaIoBSbOtf8na6ilRj4g==

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 20ms
11ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:57 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 10:07:54 GMT
server: gfra1
etag: "6274f37a-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 24ms
24ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:20:38 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1160
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Thu, 05 May 2022 13:05:21 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"2bf-18094532e68"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ZsnuNT6HJY8KL79gSp3tulgPS__PDt51_PxKjlgtzWc-9ORH4QSRAQ==

GET
H2 200 hp-widget-2022.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 0A04 23 KB
6 KB 55ms
20ms Document
text/html 143.204.98.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-81.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 058d1a8a629c82f344bb897688af943b1ee5041381f487250241ca16bb24a300

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 151
content-encoding: gzip
content-type: text/html
date: Fri, 06 May 2022 10:37:28 GMT
etag: W/"efa8a5cdbaf0721798da89d3f5e4b095"
last-modified: Tue, 15 Mar 2022 13:48:39 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-id: M0hCw-WwdxoixeT3CgS_lGNW8zX52dB8XMehr5E8-gv4Y3bVowcdAw==
x-amz-cf-pop: FRA50-C1
x-amz-meta-version-id: zuaWmlrl.URWbdMHTz_ljp08.7tdSnPL
x-amz-version-id: Lr9JnYLEjix1UWK9Mg6y89PE.TsM4BuA
x-cache: Hit from cloudfront

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 150ms
126ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=3c9ec35a-9d09-4687-842a-c6827596eafc&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 118
date: Fri, 06 May 2022 10:39:57 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 0969d60a1455c889abdbda823cbe95c14f682e81cd312734db324498e0eee7a7
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
338 B 146ms
123ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=3c9ec35a-9d09-4687-842a-c6827596eafc&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 115
date: Fri, 06 May 2022 10:39:57 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c6231f4e703d850fd2ff5703f07e89d658a2fc4bedcd455774919c769008d11f
content-length: 43

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 31ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: t/Su3YYMwliKPfOzNYZPaHE8b4ISiTwhydz1FWopctZqlK2gC3t/bjpX+RruQUTNdnyf8+g7doU8NMPKs2djYA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 06 May 2022 10:39:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 37ms
9ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 03:22:47 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 26232
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5VHTW9jCBLHxkmH1IwF2z5-_hOM7V0dExIW4Vms-sD6Xuhx2JstiCA==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
524 B 432ms
385ms Image
image/gif 143.204.101.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-89.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:59 GMT
Via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: f_3kuh92XWK8pDJMDs2O8dGHqKfrt4pnI2c60Q2XXmJlTptqoRBzog==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 40ms
9ms Script
application/javascript 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 02:39:47 GMT
Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
Age: 28811
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: HZ0wgbKQcgp5uEoTpFCxyMmq-2MNOAfq_zICI2SvwJlCAAMx1cOnjA==
Expires: Sat, 07 May 2022 02:39:47 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 157 KB
46 KB 73ms
23ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=458842
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02dd647cf98e249d624ffd3db638c04b1e0381bc3d34bedbbffa4a440eb3c4a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 20:20:09 GMT
server: AmazonS3
x-amz-request-id: MYJED1HC06G3ZGTT
etag: "9a641477338b3d37265acf599cd17fde"
x-hw: 1651833598.cds314.lo4.hn,1651833598.cds077.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 46600
accept-ranges: bytes
x-amz-version-id: Kt7yVs60jDHQzVMEmqSmzZUltniCZ.1l
x-amz-id-2: EiYXvzFFJtjSMiHQGBnjd0UsXuHSc53EDLnlsidlbJQFmfSvPwAl1MNaLoZ1maZoFv3+zryB3Nw=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 135 KB
37 KB 39ms
8ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding: gzip
etag: 4abd427e43cd6822329a2c05539e321f
age: 505
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0W1V6MJTXTM8S7X65MSH
date: Fri, 06 May 2022 10:31:41 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZmyCWCVX3A7Xd2I8OezH7Bq6u1uKoJXDm5aWdqPcS5-ZnFqSF-cA-g==

GET
H2 200 star-icons.ttf
www.thestar.com/static/ 21 KB
12 KB 23ms
23ms Font
font/ttf 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/star-icons.ttf?9550a1c926a47398dae39c37d99739d0

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

c00545c81d97ab6aaa4ce46fd9b026817a8079477283eba5cced4003551eaf8c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:38:31 GMT
content-encoding: gzip
age: 87
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 05 May 2022 13:10:57 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"54e8-18094584ee8"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vV2mVyniQUJwYjBX5cLohSkTASV5PITPQE4QcZRd1JX_WgdEu78xWA==

GET
H2 200 TorstarCompressed-Bold.woff2
www.thestar.com/assets/fonts/ 23 KB
23 KB 22ms
22ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarCompressed-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

97a8cb323b800e312421b5f10b9292a19c964f2de15e15703bbed583e1d78639

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:17:43 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
age: 1335
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 23168
last-modified: Thu, 05 May 2022 13:05:20 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"5a80-18094532a80"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: lEetjQJ3l6HmbuSrgMTWLAo4ddPsiuj7A4bqcA9meqKsYCUZNJg64A==

GET
H3 200 css2
fonts.googleapis.com/ Frame 0A04 4 KB
613 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc1c4f09ff158c02c23a035afb72d4221d9e9e58a6a01b01d93191295edbc4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:21:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 10:39:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 10:39:58 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame 0A04 207 KB
69 KB 32ms
31ms Script
application/javascript 143.204.98.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-81.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
age: 296
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
date: Fri, 06 May 2022 10:39:58 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: of3MPxPchQX60oKzC58vVSMh24y5bHkCCseU9bw9zC4wPNAfhcv-ww==

GET
H2 200 needle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 0A04 470 B
882 B 21ms
21ms Image
image/svg+xml 143.204.98.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/needle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-81.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: PHp84jahms4CJNjldWqFykMudiRkBAyd
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:00 GMT
server: AmazonS3
age: 296
etag: "7b192d8826a89c17b265266118be34e4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Fri, 06 May 2022 10:39:58 GMT
x-amz-meta-version-id: MV9uaQT60tDgvyFTmtizWztglNGxBqZN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 470
x-amz-cf-id: 0UQCIZkiAmFPmvt7CxGmP90K__bqecKt0WB78yIg6tTcqxoCne5QTg==

GET
H2 200 greyneedle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 0A04 465 B
835 B 11ms
11ms Image
image/svg+xml 143.204.98.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/greyneedle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-81.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: jfLD05iZMIZ7gkaEXfKmtY6Chs0LH8kp
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 15:34:40 GMT
server: AmazonS3
age: 296
etag: "7a9e2f9f869c3b5f5c1b0bc84c743854"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Fri, 06 May 2022 10:35:02 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 465
x-amz-cf-id: fNrtR8e7GcPr_pzQ8XcdQdpytGOeuVvFokjSWAdU8QH8VmI97JTAqQ==

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 0A04 918 KB
63 KB 581ms
211ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=ed270bb8-340b-41f9-a7c6-e8ef587e6d11&offset=17&limit=1000&callback=getCaseData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1ebe948f0e767bd41279d199708cbacafad8afda1bfc3def1fd4aadd2b653a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:58 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Fri, 06 May 2022 11:09:58 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 0A04 211 KB
15 KB 544ms
213ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=0f8b343e-fc28-4ca5-9aab-c3a1d2c919f1&limit=2000&callback=getLTCData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6b2f6450a0cb08d4dc8b5ac5041b369ca51aa52f8082851443526215ec41fc7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:58 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Fri, 06 May 2022 11:09:58 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 0A04 220 KB
24 KB 500ms
214ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=8a89caa9-511c-4568-af89-7f2174b4378c&limit=1000&callback=getVaccineData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c557b1112754f045d4ff2636a98bbde685391a6a5f8558c2b4d2cd2682849618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:58 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Fri, 06 May 2022 11:09:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 41ms
25ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de512fe313e59fe17e2ebe834513b5c02ae334d0e74c347798bd8a0a0df9294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70385
x-xss-protection: 0
expires: Fri, 06 May 2022 10:39:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 30ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32913cfdb4e564790a9f6acf6a0f5a5bf0d88caeedeb6a139b50f585a2d570e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68865
x-xss-protection: 0
expires: Fri, 06 May 2022 10:39:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1249
date: Fri, 06 May 2022 10:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 06 May 2022 12:19:09 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.4
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

5 KB
2 KB

22ms
22ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9102454
fly-request-id: 01FSX6G1QVHCEFQ5K9M6V6JX3K
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 707118560c21021d-ZRH

Redirect headers

date: Fri, 06 May 2022 10:39:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSX6G1H6HMMGWM8JDB016PND
server: cloudflare
age: 9102454
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 707118557b51021d-ZRH
access-control-allow-origin: *

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
360 B 39ms
16ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 113ms
39ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=181778
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 274f303386cb1196b666044150f2c6d8f45bb438f2d24b092806e7946ba8659a

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Jun 2022 10:39:58 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 131ms
30ms XHR
application/json 34.253.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1651833598249

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-74-200.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2d21741cc716b50afd93d6bec2918aece75fcc0ce246433dd66711b1db2a7ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v031-0d1e61c70.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: hSGCfycyQ+A=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 325
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 18ms
17ms Script
text/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:32:26 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 10:31:38 GMT
server: AmazonS3
age: 453
etag: W/"d860c16ac938f7d839f0ec158d02d0f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 6Dz9xOKCORNLyXgjkQjIMVbm5LTPf13_
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: QVa5J1wVdy8xRsez2pUG9nl_34oi-2AhD6KzaCST8pVVHRLnSWAdKw==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 18ms
18ms Script
text/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:32:26 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 10:31:38 GMT
server: AmazonS3
age: 453
etag: W/"2d1382c349d480b6b41574ac0c1af066"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: _3J59xkrobHsuYAll2WPBtOSUV_Hvpzi
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: QXXFrfy8RhgRS3EYM0OAS43ouy_mSaMdbRZr_OKOtzVIh-A_d0FAHg==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 52ms
8ms Script
application/javascript 143.204.103.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-127.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: public
date: Fri, 06 May 2022 04:33:18 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 15:53:19 GMT
server: nginx
age: 24272
etag: W/"61f805ef-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UKW0HkINdj1Clpc9FNXfxvc3UBNmEBlwkyt9lLYVUb3CYH5Mk1VYwg==
expires: Sat, 07 May 2022 03:55:26 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1651833598277&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1651833598277&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%...

0
190 B

11ms
11ms

Image
text/plain

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1651833598277&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oY6yP_v3rzn7I8XmcBRo9GKtNva962m3DgQhQxZOYamt9G1SL8BWpA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=3005674&ns__t=1651833598277&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
date: Fri, 06 May 2022 10:39:58 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: O6x0wN7BRX5OkALmN90B9Ic2Cv8cHjocCK0WX_2efP0tSZ6NJRIveA==
x-cache: Miss from cloudfront

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 9ms
7ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 09:37:16 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
server: Server
age: 3762
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gt6uluuXvsb7rqUtDZvIp9FWOEQIhPsQTC6x7lZVwsWy_vZeJYeCUg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
7ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 32203
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 01:41:20 GMT
server: AmazonS3
date: Fri, 06 May 2022 01:44:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: eRw9jsgYRYjB5mdDlaUOUSU-Z1Mn5wihcznPVKnUiyBkcFXmOakPSw==

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
175 B 133ms
106ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=pageview&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=1590&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=8&jsfv=nbc&ts=1651833598298&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:58 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 24 KB
24 KB 105ms
23ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b3951e60cd340e02ede92699ac0c8e881d0f5f860499a93e0609fab056a1373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:39:57 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 24454
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 32ms
16ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=2oe540&_p=1923401375&_z=ccd.tbB&cid=2125406013.1651833598&ul=en-us&sr=1600x1200&_s=1&sid=1651833598&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Asset_Alias=&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:39:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ Frame 0A04 37 KB
37 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:07:46 GMT
x-content-type-options: nosniff
age: 235932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:07:46 GMT

POST
H2 200 304 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 67 KB
13 KB 388ms
388ms XHR
application/json 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/304?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2022-05-06T10%3A39%3A58%2B00%3A00&ts=1651833598403

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

b3f5d14815773fc14f3e23fbf21445c40174fbd7223b911f6a2392622b9708f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11921
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: C3OEgC30ERJZwIWWRoFpj_DZvN0zxjFC9EhLr8b-m0v-e1rPsbICcw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame AF22 7 KB
3 KB 131ms
31ms Document
text/html 108.128.0.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.0.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-0-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v031-075e59642.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: +pSy1gWeSEg=
content-encoding: gzip
date: Fri, 6 May 2022 10:39:58 GMT
last-modified: Wed, 27 Apr 2022 09:29:46 GMT
vary: accept-encoding

GET
H2 200 id Show response
s.thestar.com/ 48 B
507 B 64ms
16ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=09947063024101685493175548010215576854&ts=1651833598414

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

703e6f794f4047b0826ee64f3f56c39b8afd9092e0c8faa19d014698a741a51b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4b698fcd-hthq5
vary: Origin
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YnT6-gAAAE86iQP0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=09910530027794767193178650178577518364
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnT6-gAAAE86iQP0

42 B
945 B

32ms
32ms

Image
image/gif

34.253.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnT6-gAAAE86iQP0

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-74-200.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v031-0c93f466e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +eSl92CdT84=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnT6-gAAAE86iQP0
Date: Fri, 06 May 2022 10:39:58 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1923401375&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1414352883&gjid=466977575&cid=2125406013.1651833598&tid=UA-70431129-1&_gid=1484435848.1651833598&_r=1&gtm=2wg540P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&z=520872143

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1923401375&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAAABAAAAAC~&jid=2013026139&gjid=876805896&cid=2125406013.1651833598&tid=UA-73335503-3&_gid=1484435848.1651833598&_r=1&gtm=2wg540P86MZHL&z=123518247

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=2oe540&_p=1923401375&_z=ccd.tbB&cid=2125406013.1651833598&ul=en-us&sr=1600x1200&_s=1&sid=1651833598&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:39:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 61ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70431129-1&cid=2125406013.1651833598&jid=1414352883&gjid=466977575&_gid=1484435848.1651833598&_u=YAhAAAAAAAAAAC~&z=442207147

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 May 2022 10:39:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 125ms
65ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 06 May 2022 10:39:58 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 23ms
22ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:39:58 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 60 B
546 B 405ms
346ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9732615cd530cb708d91adae9f0e315fd11b6c1f8cc4c768ff1605490b2859ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:39:58 GMT
ETag: W/"3c-GIRgaxfxYS4KYdogolx0AUYDRdA"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 60
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 dfb2a2ecc2fe5626f957f876349d1dae Show response
e377.thestar.com/plugin/plugin/ 205 KB
44 KB 11ms
11ms Script
text/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/plugin/dfb2a2ecc2fe5626f957f876349d1dae

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

7b24cbf8cced6ddb17e985fe5329d186750b005210ad2589c6f5146eafa0d2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 06:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 879406
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44103
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Apr 2022 06:23:12 GMT
server: -
etag: dfb2a2ecc2fe5626f957f876349d1dae
content-type: text/javascript; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: qYqAVevHQ0FevIbwaVs4uC98ZwGuXVNS7r8_WyEkf5pAOY1O4_1IQw==
expires: Wed, 26 Apr 2023 06:23:12 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=ea1e1734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

991444d0ac35c57648169bb59ac7902df899ddc331b84399a9b39588f868238e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28400
x-xss-protection: 0
server: sffe
etag: "1206 / 650 of 1000 / last-modified: 1651788319"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 06 May 2022 10:39:58 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
424 B 196ms
195ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 19
x-amz-cf-id: X-6EfeVfqWnvbdmLQMtlidADlEjnVv05kxGPJszlYp5_x-egXeLeyw==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
425 B 211ms
211ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 19
x-amz-cf-id: 2YGTQGqqGQ9ttgrc0LCD80nwTOZvGpz5RkqgPTZHm5llblMT55Lsmw==

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 40ms
40ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 67427785ce3bfc2ab38c0ea6d6e9d76ae558f66c1133cc6179861df79672df07

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 23 KB
23 KB 418ms
418ms XHR
application/octet-stream 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca2b9896b48e672f4125f3e04ed4f4f4b9ad4231a3ac5e42cac125b61d973992

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:32:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "91b7c0df3e0e6c3ce6a0f31f5f023e96"
x-cache: Miss from cloudfront
x-amz-version-id: _3i9N5xxWI3bo2EFGbInOL.VhyfYJueV
accept-ranges: bytes
content-type: application/octet-stream
content-length: 23358
x-amz-cf-id: EXNqtSeMDzXrKEa0dEzURDluLKuAmESvAYzlXUyTnby1lkkiF6GjCQ==

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 23 KB
23 KB 417ms
417ms XHR
application/octet-stream 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca2b9896b48e672f4125f3e04ed4f4f4b9ad4231a3ac5e42cac125b61d973992

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:32:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "91b7c0df3e0e6c3ce6a0f31f5f023e96"
x-cache: Hit from cloudfront
x-amz-version-id: _3i9N5xxWI3bo2EFGbInOL.VhyfYJueV
accept-ranges: bytes
content-type: application/octet-stream
content-length: 23358
x-amz-cf-id: ar2NFES_mkxKu_bYWMDVLzKHlYmq9njvYtuO4R4ZQwoIjbGQZzA6JA==

GET
H/1.1 200
OK widgetloader Show response
widgets.media.sportradar.com/torontostar/ 159 KB
39 KB 97ms
15ms Script
application/javascript 2a02:26f0:3500:14::1724:a247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=ea1e1734

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a247 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

002dc102e45c9ea4197d2098b5252b7a3427246fc889a2a534e7b816c199f7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "d24a7f4e83a457336d80f67c72198ca2-490877a80dd023e7b6ad6b32bd53a3fa"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120, stale-while-revalidate=60, immutable
Date: Fri, 06 May 2022 10:39:59 GMT
Connection: keep-alive
Content-Length: 39576

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 10 KB
3 KB 213ms
199ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 29c5c6d9131bd702ef0aeeba1b6831de8029b7bca6b469a73d00c8c9fe426728

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 5 KB
2 KB 174ms
164ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: f7c077ef44868c5d23110a8c5893389f4e378085063fe38c80c49b881543ab08

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 9 KB
3 KB 170ms
160ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: a6eea0d6b0913addc21d58027daad112d9e581b0598c4032eda4481fc03cd1cb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 6 KB
2 KB 187ms
176ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 973912fe5e13daa04d180cc0736fa19ef284e671009102e2105d9fe16f96f051

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 11 KB
3 KB 171ms
157ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 927958b69786bcd2230ad0550cbcf73216850a720c645aff65fa6f3070007f89

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 5 KB
2 KB 184ms
177ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 9154fb892b73c1313f3f68537840eabaaed2821f9eaeb900ee884a8c38ffc108

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 12 KB
4 KB 188ms
181ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: db7964141d92c5ef2964d8f7868952d312a2782a168d30d89a86335ca7083079

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 6 KB
2 KB 177ms
173ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 61aa2faac045081adb2e15b49a89c542ecde65f18622cccc672b8e040857cdc3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H2 200 headerimage-0-0-0.jpg
images.thestar.com/DtgJ0UdPV8XHmqKQPnpRGok0Tbg=/139x0:1759x1080/690x460/smart/https://www.thestar.com/content/dam/thestar/uploads/2022/02/28/ 56 KB
56 KB 11ms
10ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/DtgJ0UdPV8XHmqKQPnpRGok0Tbg=/139x0:1759x1080/690x460/smart/https://www.thestar.com/content/dam/thestar/uploads/2022/02/28/headerimage-0-0-0.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5b2833099997251581945de32e3251b1ae41af2108d2a4e7ab88c31f56753040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 20:43:14 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1864605
etag: "6b6c73191750d35c015bec724f06ddda450fb739"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 57227
x-amz-cf-id: eyRuxewgyWcPBjBg1Db9-6cg0dRzAWhq7krGB6-cnXLzA28xZMJo1g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hedman.jpg
images.thestar.com/l3ooo_iSQYybNoayHv3vW3sZsYI=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/leafs/2022/05/05/hedman-has-four-points-vasilevskiy-bounces-back-in-lightnings-win-o... 52 KB
52 KB 12ms
11ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/l3ooo_iSQYybNoayHv3vW3sZsYI=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/leafs/2022/05/05/hedman-has-four-points-vasilevskiy-bounces-back-in-lightnings-win-over-maple-leafs-in-game-2/hedman.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bc2429059fa00e4e61d419c9e5940139b132dd89352293c0c7a99824932d234f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 12:40:33 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 79166
etag: "d863d1d9e6289a32ce1855d54bd1c9d8fa219b91"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 53292
x-amz-cf-id: 6We62RInpfsZguQOLGGfXYLTon_axwkduuO07BW9oeLsEk2LAG_xAA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scottie_barnes_2_.jpg
images.thestar.com/KNdoQlUI5CCnwpSIDEAYKzEXdMs=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/raptors/2022/05/05/looking-back-at-the-season-for-each-toronto-raptor-a... 48 KB
49 KB 10ms
10ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/KNdoQlUI5CCnwpSIDEAYKzEXdMs=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/raptors/2022/05/05/looking-back-at-the-season-for-each-toronto-raptor-and-whats-ahead-for-them/scottie_barnes_2_.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a6a5aa682d61a9e1cffbb54e26b2688cd6e959557fdbbe6f6210889f0f662ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 00:27:02 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 36777
etag: "610b7f72b7efbb9774ca7deca3d5f202ecea5d91"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 49388
x-amz-cf-id: G7hzHiQ1TtmkLv4pxzxNa3-0O4jwWGoxOgNMp2k86da4O_FuoNOcwg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 247078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 14:02:01 GMT

GET
H2 200 wastewater.jpg
images.thestar.com/y9zZfg21vDk0Qun10IGW-ykpE6w=/0x0:1148x765/114x76/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/03/22/is-covid-surging-or-declining-in-the-gta-use-our-map-to-see... 7 KB
7 KB 17ms
16ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/y9zZfg21vDk0Qun10IGW-ykpE6w=/0x0:1148x765/114x76/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/03/22/is-covid-surging-or-declining-in-the-gta-use-our-map-to-see-wastewater-trends-for-your-area/wastewater.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4bb8703735194b461205a6b20c237a0e9c56951b46541cc3fde5bdb9835d1d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:12:19 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1660
etag: "111fbff84e591573f1dec75ecfbd0a3640cb87a4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 6876
x-amz-cf-id: 6lmggNraKyQEI56HianycLw5OVi3WjSkKJ9_zYDH6viJl-1Ib0VLyg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _1_dumpster_2.jpg
images.thestar.com/anhAox5QKBPINI3PQlhnaqQTIPs=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/05/05/body-found-in-rosedale-dumpster-belonged-to-young-girl-who... 76 KB
77 KB 10ms
10ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/anhAox5QKBPINI3PQlhnaqQTIPs=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/05/05/body-found-in-rosedale-dumpster-belonged-to-young-girl-who-may-have-died-last-year-police-say/_1_dumpster_2.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e366cf3ae98be75f413a1b88727f4a90ff2cf5e2a37f35ade874fba12fbd61fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 23:24:24 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 40535
etag: "0ad599e32adeb770823afad31aecdb530ffa0eb0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 78325
x-amz-cf-id: CWvXjr7d2kvu7XsWgYg_eG5NMm_ESO7mQNycWFFzn5nr1ZYwN8eR5w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mattea_roach.jpg
images.thestar.com/hLHZlHgU4zQcSWURpeFHP60WOc0=/0x0:1200x800/114x76/smart/https://www.thestar.com/content/dam/thestar/news/canada/2022/05/05/in-a-dramatic-finish-mattea-roach-jeopardy-champ-closes-... 3 KB
3 KB 9ms
9ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/hLHZlHgU4zQcSWURpeFHP60WOc0=/0x0:1200x800/114x76/smart/https://www.thestar.com/content/dam/thestar/news/canada/2022/05/05/in-a-dramatic-finish-mattea-roach-jeopardy-champ-closes-gap-wins-23rd-game-in-a-row-on-final-question/mattea_roach.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d2cbaecb160d0ca219e48ba2b156edb20f79451648b99f308c5f7dbc9b9164d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 02:02:33 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 31046
etag: "c7b41a397ad3bb16774af8c397ed1ce73e396707"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 2676
x-amz-cf-id: TvTCns1d2M5JS2u3qqYR3VljLTGfLRTTCzmFm2SyINJuceE2zCStIA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trudeau.jpg
images.thestar.com/t92eiv6i6ID1YfZciPyHzWuWInw=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/news/canada/2022/05/05/to-f-bomb-or-not-to-f-bomb-why-that-word-justin-trudeau... 44 KB
44 KB 11ms
10ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/t92eiv6i6ID1YfZciPyHzWuWInw=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/news/canada/2022/05/05/to-f-bomb-or-not-to-f-bomb-why-that-word-justin-trudeau-did-or-didnt-say-still-matters/trudeau.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f163d886b8927f01c2dca33001797837298ac4f3547b52cf06fad32742754c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:19:54 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1205
etag: "0a3c802ca4eafad735c6be26d8ac4399c543c779"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 44942
x-amz-cf-id: zSrmxOcmhbwz_r6wdp5qctwTczy_-hkjhAkum8_mmb90UPfB3NtWvg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 6 KB
2 KB 190ms
190ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7492e57c60e4c4a30aff9164b4b834cfa72053bb68a162eba2a291482748f620

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"1841-O1Ul+aDBpagMlr5BbCS5qT6Bbek"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: u23oXR162koM33JCkUpGoHR9Hg5U_RfMtz8zVU3AovHjWyaczpvmpA==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
2 KB 193ms
192ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

505f514de567e3302c520a8e4ddda0350baa0ffbb9a837c59decb681a39f2368

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"1d2d-Izr7Z+QgOcQG9NlMqbaHwBAT0R4"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: T5anb407n7ka54z199ArC5un2VTW6Rg7rjD6r3Vg09vt75Oj876HPg==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 192ms
192ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7555affbd321bbccc97467bdf30900bc17c4eaed5a1be5da778d7e26ea80fc3d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"113f-6F+KUDl3cp4bP+wNTgmsiDgaYTY"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: F7kxj6zuRjEropUoxlhgK5pffQ8ZJ9oFK74_cT7YQTgYi8fE6plR7A==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

POST
H3 200 tpd Show response
api.permutive.com/v2.0/ 2 B
39 B 36ms
21ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
via: 1.1 google

GET
H2 200 mdc.textfield.min.js Show response
e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 9ms
9ms Script
text/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 20588459
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Sep 2021 03:39:00 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: _5gQrlP5Oet3eouRGJ2xEk5rBGLfyyu8K0GaSfHTHVFVD2noWH4Qig==
expires: Sat, 10 Sep 2022 03:39:00 GMT

GET
H2 200 a268306985406412cef9984caba78d44 Show response
e377.thestar.com/plugin/library/ 470 KB
149 KB 14ms
13ms Script
text/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/library/a268306985406412cef9984caba78d44

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

6eba7efe25b102daba8ab72f4f16cb18ba3915a767864a9fb3f5ee965f16ca15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 06:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 879407
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 152290
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Apr 2022 06:23:12 GMT
server: -
etag: a268306985406412cef9984caba78d44
content-type: text/javascript; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: Vz32OP_sUI1ydHNZCi60-l05dcGpMXCOs5x5d0obBLesQctIpWYVBw==
expires: Wed, 26 Apr 2023 06:23:12 GMT

POST
H2 200 LB-Zone-3 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/304/ 2 KB
2 KB 382ms
382ms XHR
application/json 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/304/LB-Zone-3?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=20c35bea-f80a-4e09-8c9b-b758ed84c3fa&overruleReferrer=&time=2022-05-06T10%3A39%3A59%2B00%3A00&ts=1651833599450

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

91afb50b514860b780ef106f9d2751ce74becf12ee01233fee2c0ebe9b6c1aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 895
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: goA83w8SThIxGqWIbKP2ptbok3DFXV5YhzjwTDK1taL4RBBYSIDERw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pubads_impl_2022050301.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 47ms
8ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127789
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 May 2023 10:11:14 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 203 B
770 B 53ms
16ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

db488298b49c859f2174b078a55b8d9a29aeec85baff6aec893cb26fb28abedd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Fri, 06 May 2022 10:39:59 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 194ms
193ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

e67e24dcac7e64e0c07200cddfbbd7d1f5a70869c462362791d51387ddc10039

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"f82-RFGMHlcboRe/OHAM2AchDd+A2wI"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: EsU91wO9R67gAcsKTfZMPKdWU0uXjIhQSAuB1IK81lLrZGg8841RZw==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 192ms
191ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

71bd5d37c50fe82718af2dd4de1f58907278639c32ff7a1585cc61e259c0a322

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"100e-YdHeEqOAXTDSJFi90gyPaGaQsfw"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 3kgl-rZmLL2oKuSR88Qhgo-AhBGdA-zoPmApff4QCrwKTJB3UCnTIw==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 105ms
105ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7ce631b345a4bd793898a5ef0a17b63e523eb977b913940a782234a02fff6d9e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"1158-s8GMW1Ul/lSptigxHTMx7uYIAoM"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: jLQUsy6y7z9vRiHn4eobhHUVu8Boh76Wa0b7P2noDEyARPJbJqJctQ==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
2 KB 191ms
190ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5fdcd48112ac7a82d4d2c659e6019268d16775b2b235078e9f581783ee0df7c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"245e-5BBFGqejtS2zWqQ6PzR3srNPJrI"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 1pCpCtYXv3Z_CH0b4YiXau44QLyazUS26RzCxjOp0A8sp6iqz9IG8w==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
2 KB 203ms
203ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

cee2951267b78c7ef3062c951a525b402a75b6a6c6e664486f36dccd9f93c20a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"1db9-OjPeQlt+lpx9BDHKNaDyKAtM+cE"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: ZIFWfAGF9v9hTDEONWtvX0n48iGzunLjwmUC2bGDi-8Gz_JYW0JVJg==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

GET
H/1.1 200
OK common_widgets.58001ac67fd5d99ca792.js Show response
widgets.media.sportradar.com/assets/ 453 KB
136 KB 16ms
16ms Script
application/javascript 2a02:26f0:3500:14::1724:a247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/common_widgets.58001ac67fd5d99ca792.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a247 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

aef4bb56a2df78a1ca6eb61c19e0f89938013f4017f347469395e54aaf09ca2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "dd4edd34d5c77cdc2ed6753d9093ad77"
X-Served-At: Fri, 06 May 2022 08:30:50 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Fri, 06 May 2022 10:39:59 GMT
Connection: keep-alive
Content-Length: 138889
Expires: Mon, 06 Jun 2022 08:30:50 GMT

GET
H/1.1 200
OK us.common.scoreTicker.067905034a756fcf561c.js Show response
widgets.media.sportradar.com/assets/ 514 KB
137 KB 42ms
15ms Script
application/javascript 2a02:26f0:3500:14::1724:a247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/us.common.scoreTicker.067905034a756fcf561c.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a247 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

908d68b2dd3a687ef8e2232bc5196090d051cfaf99be40111d2211a6251160e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "d9427031fd6ccece3ad0b5bc461a5917"
Last-Modified: Wed, 04 May 2022 16:06:39 GMT
X-Served-At: Wed, 04 May 2022 16:40:21 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Fri, 06 May 2022 10:39:59 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 139830
Expires: Sat, 04 Jun 2022 16:40:21 GMT

GET
H/1.1 200
OK react.cdacab7aa8472eb099c8.js Show response
widgets.media.sportradar.com/assets/ 117 KB
38 KB 42ms
16ms Script
application/javascript 2a02:26f0:3500:14::1724:a247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/react.cdacab7aa8472eb099c8.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a247 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

66043e453af571e35a8faf20f9cf3dec5a95a5af729e0746a62ff4528315e0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "5f74558476fd9e3fb7816f018f350e4a"
Last-Modified: Wed, 04 May 2022 16:06:38 GMT
X-Served-At: Wed, 04 May 2022 16:40:03 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Fri, 06 May 2022 10:39:59 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37928
Expires: Sat, 04 Jun 2022 16:40:03 GMT

GET
H/1.1 200
OK en_us.json Show response
widgets.media.sportradar.com/translations/ 107 KB
27 KB 54ms
15ms XHR
application/json 2a02:26f0:3500:14::1724:a247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1651823420830&h=fd214d998f6c53fb8f811bf5629e82c5

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a247 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

8c82c830cf7607762b90c908b94b8c18f1a6eca70a25ef198584dbf468ae06c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 07:50:20 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=5270400, stale-while-revalidate=604800, immutable
Date: Fri, 06 May 2022 10:39:59 GMT
Connection: keep-alive
Content-Length: 26709

GET
H/1.1 200
OK css Show response
widgets.media.sportradar.com/torontostar/ 30 KB
4 KB 53ms
14ms XHR
text/css 2a02:26f0:3500:14::1724:a247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a247 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

37d2a19c463e69fb9b7a3ce46c0991f8a8486c6cea18da01fec6bba21bb9286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 07:50:42 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30, stale-while-revalidate=60, immutable
Date: Fri, 06 May 2022 10:39:59 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3932

GET
H/1.1 200
OK licensing Show response
widgets.media.sportradar.com/torontostar/ 12 KB
9 KB 54ms
15ms XHR
text/plain 2a02:26f0:3500:14::1724:a247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a247 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

adc5bb393ff377d0567dea89e926a727d01f9ec93ee5535276316ddb4684d3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "4298a94736f72f87a220503196cc821b"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=200, stale-while-revalidate=60, immutable
Date: Fri, 06 May 2022 10:39:59 GMT
Connection: keep-alive
Content-Length: 9178

GET
H/1.1 200
OK / Show response
p1.parsely.com/plogger/ 43 B
257 B 388ms
95ms Fetch
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.parsely.com/plogger/?rand=1651833599534&plid=88080730&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1651833598472&slts=0&date=Fri+May+06+2022+10%3A39%3A59+GMT%2B0000+(GMT)&action=heartbeat&inc=1&tt=1012&u=pid%3Daeb3c61dcfb7a6338cd6aad55fdc0032
Requested by: Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/thestar.com/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:59 GMT
Cache-Control: no-cache
Last-Modified: Friday, 06-May-2022 10:39:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 222ms
221ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7dd31f9a44dda77f55c5dc425aaed2fec6b1e3a1fad5f7eceaa6e8af9626cff5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"2c82-vxaf9CqvmaiMBjzb90UcYUiksn4"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: A6ErpkU6W6kTwoCBLmhQeOwTavQbTWCokOT8s-PcQljJdeoPoi6jIQ==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 380ms
95ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1651833599541&plid=88080730&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22heartbeat%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10911%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1651833598472&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Fri+May+06+2022+10%3A39%3A59+GMT%2B0000+(GMT)&action=_scroll&u=pid%3Daeb3c61dcfb7a6338cd6aad55fdc0032
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:59 GMT
Cache-Control: no-cache
Last-Modified: Friday, 06-May-2022 10:39:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 380ms
95ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1651833599543&plid=88080730&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10911%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1651833598472&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Fri+May+06+2022+10%3A39%3A59+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=73011797&u=pid%3Daeb3c61dcfb7a6338cd6aad55fdc0032
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:39:59 GMT
Cache-Control: no-cache
Last-Modified: Friday, 06-May-2022 10:39:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
604 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3de6a4fb2cbe4eb755287fd0094052835db8ce320bc715dcadfc79057cc54a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 10:38:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 10:39:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 10:39:59 GMT

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

29ms
28ms

Font
text/html

143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:38:30 GMT
content-encoding: gzip
etag: W/"140cd-1LvVpuu/Vsaknntj5wPlyhLCEVI"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
age: 89
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: I0mYHvgUeWWfaLa16LCJ-bO7uXN3y0DH0_W8i4ybGqbmFu_L7p-JGw==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

Redirect headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: lOLLMV_Q3UJKN9jPkGpMQhUHZWue0o3nTqq0-XonKWiQ1ok7iNL6Ww==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
1 KB 191ms
190ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5c6db6a6bf5e986ad12608ec8adf26928a3ea5204ac3e63b51420a0714dc6dbc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
content-encoding: gzip
etag: W/"a32-9Bkda9dkZXaQ35k0Sesg2+xcctE"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: KT7GLTKuF6hAXfN8KMZJfXoDw2dsZEUMuUK1CmKHAT3hexYHAQJeDQ==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 125 B
335 B 376ms
292ms XHR
application/json 34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b5341cbb6fc361809ba7c7f7d878bfd3360c8a62efc9ff13c043c6dfbd7e9e88

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:00 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 125
expires: 0

GET
H3 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v21/ 35 KB
35 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v21/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:08:29 GMT
x-content-type-options: nosniff
age: 235890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:08:29 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 864 B
1 KB 196ms
195ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a36df23d686327d9d740d2b005cb6df3f758418285e0566a295d2dbf322815f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
etag: W/"360-5Ztk7KIFYDOehJ2QU3dohMiNGQ0"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 864
x-amz-cf-id: iMBvc66cEn4eQBVNs53w7yOLJONzfd8hZSD_8_z44CRSpkz54PDHLA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
404 B 193ms
192ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: uFuDAewR9FgJijBc1QnOUZ3YzTUlMRho0uB--PDFtWkcgoP4xs1sRA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1923401375&t=pageview&_s=1&dl=%2F&dp=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAEABAAAAAC~&jid=593161673&gjid=1989122757&cid=2125406013.1651833598&tid=UA-150212423-1&sf=10&_gid=1484435848.1651833598&_r=1&_slc=1&cd9=season&cd14=(not%20set)&cd2=widgets&cd3=us.common.scoreTicker&cd4=1.0&cd101=(not%20set)&cd1=1&cd6=web&cd5=en_us&cd7=sr%3Acustomer%3A6666&cd107=default&cd108=default&cd8=sr%3Ahsalias%3Atorontostar&cd110=2.0.257%3A2022-05-06T07%3A50%3A43.290Z&cd23=null&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd12=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd18=(not%20set)&cd19=(not%20set)&cd20=(not%20set)&cd24=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd103=sr%3Abookmaker%3A129&z=435515590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:39:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
406 B 194ms
194ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: o6r0Uju-LLhgRtDqQD3EIdbSdsyQJXz0HK7MqU3q0ZqXI27JQbva_A==

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
2 KB 101ms
18ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.18

Resource Hash

30953c5196d7b97ce1bd5abd6f44b350f2c7420681d417e33f37006d0f443985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"e019f412d06e211168003f82915705cb1125bf1d"
xip: 168.119.65.60
x-srv: fishnet-prod-feedsbackvar01
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-cwsitukj
grace: none
content-length: 921
x-feeds-fv: feeds-prod-euc1-fvauto-02a8ccf98d6e78f86
last-modified: Fri, 06 May 2022 10:36:28 GMT
server: nginx/1.18.0 (Ubuntu)
date: Fri, 06 May 2022 10:39:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 356281266 354836973, 181829212 182932224
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web14
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 10:41:28 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 191ms
191ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9fd2d0dfb2e4eed3fca632b3f2868a2334c1e07b7a87f993db741c8a1326bd31

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
etag: W/"6bf-biukqp2gxiOE5VoPOOsOVq/FJV0"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1727
x-amz-cf-id: EtbgoI-xUs5rS8MDpcTT-7SlwXg0Tt_vLgmbedMn7o8X5t-Bv4bO4Q==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 195ms
195ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f694a344bbdb8ba92f56437bb09026963cb4e25ec01087fdc6f9b40922a0863e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
etag: W/"6c4-c02s5Gz0IKtsBwAr5BkNgAwyV6U"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1732
x-amz-cf-id: NYTV5VilYsTPx261m3Dv0hBd70m7Smnlzq3vRu4LtuQ9npcckEVHrA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 190ms
190ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

021078a21a0f078cd677719043a84f1c93b1475161414f0c119119b4ef3d8886

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
etag: W/"6c9-srHuXnSJyb90/sv2tPWllNXrdQA"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1737
x-amz-cf-id: 3L19w8EER9d-ejLoZBL9cyQOC9m4AdG4ZEpTkYgbjKkwpLRdunsdKQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 193ms
192ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

48860e3eac4234bbdc8c33332825e0c6670550a2606ca9a5ce5487a64332b6a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
etag: W/"d6e-4A4umP0SVFfFlYry2tRYZkrjBLY"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3438
x-amz-cf-id: U7QnNcKup6MJ72ecKWOXL4PxHzxmwSWxkDrq2s8a_R5BbRGNm-qMYw==

GET
H2 200 09947063024101685493175548010215576854 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
418 B 309ms
308ms XHR
application/json 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/09947063024101685493175548010215576854
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-6.fra50.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: f73a4d5c-18ed-491e-9337-8a6c4ca41bd6
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6274fb00-496cf3fe6b02a7b1165dcf89;Sampled=0
x-amz-apigw-id: RswoGEoeIAMFTIg=
content-length: 51
x-amz-cf-id: mDCxdkRb0AGyuNFXYP6LATSEkRGJzSTGadoejgLh8V8_w_Xja2nP6Q==

OPTIONS
H2 200 09947063024101685493175548010215576854
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 354ms
313ms Preflight
application/json 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/09947063024101685493175548010215576854
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-6.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-apigw-id: RswoDEDEIAMFcyw=
x-amz-cf-id: RRJKPMyXWbANiF_cgePNqZQwRwzdt0yO8LJSczxE-gUZeqcbVByiEA==
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 92a17f00-9d40-4ece-8b7c-e67166b827e5
x-cache: Miss from cloudfront

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 64ms
63ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=XDTTnR45IqhtP&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: C1FAA8HBDG9EY068PN8E
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: oO_dg2dLJgQWoJalHRSp15WTSQtjgMqYM80cisW1V5sEyeRnWYCTag==

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 120ms
106ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3178&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=13&jsfv=nbc&ts=1651833599885&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=3176&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F05%2F06%2Fhow-much-should-ontarios-minimum-wage-go-up-in-this-election-campaign-it-depends-which-party-you-ask.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F05%2F04%2Fpublic-funding-for-catholic-schools-must-continue-liberal-leader-steven-del-duca-says-despite-anti-abortion-moves-by-some.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F05%2F04%2Fford-horwath-and-del-duca-talk-of-hope-and-fear-for-ontario-voters-the-stakes-could-not-be-higher.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:39:59 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 toaster_v3.css
e377.thestar.com/plugins/toaster_torstar/ts_b1e85bf2b70709204478ac8389c74777/frontend/src/css/ 1 KB
1 KB 10ms
9ms Stylesheet
text/css 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toaster_torstar/ts_b1e85bf2b70709204478ac8389c74777/frontend/src/css/toaster_v3.css

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/plugin/plugin/dfb2a2ecc2fe5626f957f876349d1dae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 19:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 3336343
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 485
x-xss-protection: 1; mode=block
last-modified: Sun, 27 Mar 2022 19:54:16 GMT
server: -
etag: c6066030d2b28fbf58f4c7c3d8e5b9b0
content-type: text/css; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: OhNO4Lpf4rjV_6NbQNwtgjZmQa1ugr-6zjpkuZM4KOv86DeQOwKd-Q==
expires: Tue, 28 Mar 2023 19:54:16 GMT

POST
H2 200 304 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 397ms
396ms XHR
application/json 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/304?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=20c35bea-f80a-4e09-8c9b-b758ed84c3fa&bctempid=&overruleReferrer=&time=2022-05-06T10%3A39%3A59%2B00%3A00&ts=1651833599933

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

c2606c72116fc9dd779733da68c08f9b9287b77d4c2552a56fafaf610955d425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2263
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: zeSu6bHd6L-AzcikXPggzMDdfoBhgzTsM1wDhSs_rI3q4V9XtU2Hjw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 304 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 398ms
397ms XHR
application/json 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

85595326eba0b1b4c8d68a7c31fc2c136618ba4ba11aa19b581ef57d6514b7f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 175
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: YZAUYgfZFbgtLRr6EucWH9U2WRHjtJG7plImtxiMHvZpPBVnYsqKJw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 121ms
120ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3219&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=17&jsfv=nbc&ts=1651833599927&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q122_Sale&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 121ms
121ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3222&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=20&jsfv=nbc&ts=1651833599929&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q122_Sale&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 304 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 393ms
393ms XHR
application/json 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

658ebc2782b5a6b647c729172f3eb3688b5c2a9cdfdd4f70a4d45046778cfe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 165
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 0jRD5DlkkJV4rka0uM2UQLLorbnWe-R5tYWF4ck2qdEZHu8GFt98PQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 127ms
126ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3273&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=22&jsfv=nbc&ts=1651833599980&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=3271&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F05%2F05%2Fafter-arbery-killing-16-calls-between-da-shooters-dad.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F05%2F05%2Fseemed-like-goodbye-mariupol-defenders-make-their-stand.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F05%2F05%2Fbus-video-gives-more-info-about-pittsburgh-bridge-collapse.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F05%2F05%2Fno-felony-charge-for-man-who-attacked-dave-chappelle-on-stage.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F05%2F05%2Fkarine-jean-pierre-to-be-next-white-house-press-secretary.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F05%2F05%2Ffox-chews-through-fence-kills-25-flamingos-at-national-zoo.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 20220505130528-627409386248023d55cff7e0jpeg.jpg
images.thestar.com/1ToDh7d7-OmIE5MBEgfnX3wjkhg=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/us/2022/05/05/after-arbery-killing-16-calls-between-da-shooters-dad/ 25 KB
26 KB 15ms
14ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/1ToDh7d7-OmIE5MBEgfnX3wjkhg=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/us/2022/05/05/after-arbery-killing-16-calls-between-da-shooters-dad/20220505130528-627409386248023d55cff7e0jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 76b66b5945ee4eb98a00a88df455e45021adf64e4613081ef36e02ee013938c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:03:41 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 56179
etag: "56d2591beb3567fdb379fd80f275312624948b60"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 25797
x-amz-cf-id: VSgL1jTNW-p0KF456JVymx1PCODQ6w0D-vLuBOcQHJma74IUUPlorQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 2 KB
1 KB 17ms
17ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.18

Resource Hash

c8ef88732423925a775c924b7ef949c2eb9f3f90540b2ccd5bf45b490e8e62e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"4cc93b5904c85ce2ee4a5709e583a0f09f8a819f"
xip: 168.119.65.109
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-iyofnzoo
grace: none
content-length: 745
x-feeds-fv: feeds-prod-vie1-var-se
last-modified: Fri, 06 May 2022 10:33:38 GMT
server: nginx/1.10.3
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 485844086, 452501218 449836910
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web15
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 11:33:38 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
863 B 115ms
115ms Script
text/javascript 52.206.166.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=20c35bea-f80a-4e09-8c9b-b758ed84c3fa&&callback=bc_json306

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.166.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-166-185.compute-1.amazonaws.com

Software

- /

Resource Hash

b9bb04fd67fca39e1b355247fbdec354163abc89354a59d96cb409fd51b06ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 118ms
118ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3304&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=28&jsfv=nbc&ts=1651833600012&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=3298&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F05%2F04%2Fno-foul-play-suspected-in-deaths-of-four-cadets-at-royal-military-college-caf-says.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F05%2F04%2Ffugitive-killed-in-sioux-lookout-plane-crash-was-suspected-international-hit-man-and-dog-breeder.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F05%2F05%2Fnova-scotia-scraps-non-resident-property-tax-to-protect-provinces-reputation.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F05%2F05%2Fbooster-is-still-needed-even-if-youve-already-had-covid-19-public-health.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F05%2F06%2Fcomplainant-to-continue-testimony-at-sex-assault-trial-of-hedley-singer-jacob-hoggard.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F05%2F04%2Fgta-man-charged-with-murder-in-death-of-london-ont-nurse.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 125ms
125ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3314&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=35&jsfv=nbc&ts=1651833600021&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20NBanner_FirstUpNewsletter_Q122_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 126ms
125ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3323&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=36&jsfv=nbc&ts=1651833600030&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=3322&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fmars%2F2022%2F05%2F05%2Ftech-update-a-multimillion-dollar-investment-in-electric-vehicle-manufacturing-canadian-carbon-capture-ventures-win-xprize.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F05%2F05%2Fbce-reports-first-quarter-profit-up-more-than-30-per-cent-from-year-ago.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2Fadvice%2F2022%2F05%2F05%2Fsizing-up-how-much-boat-you-need-and-how-much-you-can-afford.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
410 B 187ms
37ms XHR
text/javascript 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=157269&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2240904607%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22268338%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22268340%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22268341%22%7D%7D%5D%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22268332%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22268333%22%7D%7D%5D%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22268335%22%7D%7D%5D%7D%2C%22id%22%3A%227%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22at%22%3A1%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0c129bbd17e398eaeb3ce1bb80844b4502c1949ee25cf7f4ad02a86d1b689747

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.69], XFF:[]
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.thestar.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 96
x-ak-client-geo: 12
expires: Fri, 06 May 2022 10:40:00 GMT

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 3 MB
250 KB 126ms
125ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.18

Resource Hash

ca9967141440531d338914164958c222b3491a96308f0ad15a72c91ea6d1a213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"4397b4fcf054b1f99d73a542dbfabdfcff47826f"
xip: 2001:ac8:20:3d00:1011:d149:cae2:f3c4
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-gwkqtxwz
grace: none
content-length: 254612
x-feeds-fv: feeds-prod-vie1-var-ci
last-modified: Fri, 06 May 2022 10:39:55 GMT
server: nginx/1.10.3
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 506533924 506275109, 412144132
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web16
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 10:40:15 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 52ms
51ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.18

Resource Hash

c56d192163e7bc5d9e3ba2bd13214c0b51c0561e91cb0ad12400c8e27572c239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"858ca5466d59fef564525327a2ed8efd688f6c43"
xip: 168.119.65.60
x-srv: fishnet-prod-feedsbackvar03
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-xcvoyzca
grace: none
content-length: 610
x-feeds-fv: feeds-prod-euc1-fvauto-004829ba05030ad12
last-modified: Fri, 06 May 2022 10:36:58 GMT
server: nginx/1.18.0 (Ubuntu)
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 501449701 493974088, 302907533
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web09
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 10:41:58 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 301 B
183 B 51ms
51ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 49d0334554b750588bb16cd000ab6fcd31252f65ff13d8f1eb25dec48b521a2e

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 133ms
132ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3362&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=40&jsfv=nbc&ts=1651833600069&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=3360&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffood_wine%2Fadvice%2F2022%2F05%2F05%2Fbest-boxed-wine-at-the-lcbo.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth_wellness%2F2022%2F05%2F06%2Fforget-brunch-and-flowers-touched-out-moms-just-want-to-be-left-alone-mothers-day.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffood_wine%2F2022%2F05%2F05%2Fhow-torontos-mainstay-chinese-restaurants-bring-me-and-my-mom-closer-to-our-history-and-each-other.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 blackwell.jpg
images.thestar.com/Z9J-aT0rmuujDS0_K1YjzjCBVRM=/0x0:1124x749/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/leafs/opinion/2022/05/05/leafs-will-have-to-adjust-to-the-officiating-t... 49 KB
50 KB 41ms
41ms Image
image/jpeg 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Z9J-aT0rmuujDS0_K1YjzjCBVRM=/0x0:1124x749/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/leafs/opinion/2022/05/05/leafs-will-have-to-adjust-to-the-officiating-to-regain-their-edge-on-the-lightning/blackwell.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec315c4771f75ab19f1e2df090ce312980fae496aaffa9765ea3349f9c78aae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 00:27:03 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 36777
etag: "8dd9855c5ade6faaf9c8b067ba804d2792cad80e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-length: 50483
x-amz-cf-id: pUuPouPj-HYIWX0ii0cfcML9bnZvk_rJTGEY1KNsRa_BpeyIXnW_Gw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 128ms
127ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3375&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=44&jsfv=nbc&ts=1651833600082&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=3374&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fopinion%2F2022%2F05%2F05%2Fleafs-will-have-to-adjust-to-the-officiating-to-regain-their-edge-on-the-lightning.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsports-betting%2F2022%2F05%2F05%2Fmaple-leafs-betting-trends-fade-the-slumping-duo-of-tavares-nylander.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fgolf%2F2022%2F05%2F05%2Freport-mickelson-had-40-million-in-gambling-losses.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fboxing-mma%2F2022%2F05%2F05%2Fex-world-champ-spencer-says-boxing-canada-boss-shouldve-been-fired-a-long-time-ago.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftennis%2F2022%2F05%2F05%2Fnadal-gives-edge-to-alcaraz-in-madrid-open-showdown.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2F2022%2F05%2F05%2Fmctavish-scores-twice-as-bulldogs-take-game-1-over-steelheads-with-4-2-win.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fths%2Fsports%2Fhigh-school%2F2022%2F05%2F05%2Ffirst-mark-graham-track-meet-since-covid.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2F2022%2F05%2F05%2Fcommittee-tasked-with-promoting-hockey-in-quebec-says-game-should-be-national-sport.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 123ms
123ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3384&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=50&jsfv=nbc&ts=1651833600092&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=3383&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmovies%2Fanalysis%2F2022%2F05%2F05%2Fthe-scarlet-witch-in-the-multiverse-of-misogyny.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F05%2F05%2Fcolin-firth-puts-mr-darcy-to-rest-playing-michael-peterson-in-true-crime-drama-the-staircase.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2F2022%2F05%2F03%2Fquiz-take-on-jeopardy-champ-mattea-roach-by-answering-her-highest-prize-winning-clues.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/ 35 B
49 B 119ms
119ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/d4bbce89-584c-482c-ae36-bcb5a2a5e492/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3403&blst=1299&ist=1583&iet=1588&bdst=1299&bdet=1431&bcttt=53&jsfv=nbc&ts=1651833600111&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=d4bbce89-584c-482c-ae36-bcb5a2a5e492&sid=50d341de-d848-4f89-f6ee-29526e07b62f&pvid=712bf347-5acf-40fa-d981-4a65f4578742&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=3401&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fgolf%2F2022%2F05%2F05%2Freport-mickelson-had-40-million-in-gambling-losses.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffood_wine%2Fadvice%2F2022%2F05%2F05%2Fbest-boxed-wine-at-the-lcbo.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fcontributors%2F2022%2F05%2F04%2Fwhy-a-bright-5-year-old-wouldnt-vote-for-doug-ford.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2Fadvice%2F2022%2F05%2F05%2Fsizing-up-how-much-boat-you-need-and-how-much-you-can-afford.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Freal_estate%2F2022%2F05%2F04%2Ftoronto-area-home-sales-plunge-as-higher-interest-rates-cool-market.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F05%2F04%2Fas-housing-market-cools-surburban-home-prices-and-sales-are-dropping-faster-than-the-downtown-core.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 90903 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 11 KB
3 KB 111ms
111ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/90903

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.18

Resource Hash

8b7a0e2beead328034eee7d51eee850ccdddf0a7b8ebb5c7cc88d892d6f8130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"d7a5fc11e3acd2e227d4def5a0d96a4519320c3d"
xip: 2001:ac8:20:3d00:1011:d149:cae2:f3c4
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-prod-zrh4-web6
grace: none
content-length: 2236
x-feeds-fv: feeds-prod-euc1-fvauto-0d9cfedd4f323b264
last-modified: Fri, 06 May 2022 10:39:51 GMT
server: nginx/1.18.0 (Ubuntu)
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 491030437 483978421, 242849719
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web_extra2
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 10:40:11 GMT

POST
H2 200 304 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 379ms
379ms XHR
application/json 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-50.fra50.r.cloudfront.net

Software

- /

Resource Hash

2cde8227a6344bccc38e9eaefb1121f2a3a902bfe47e6fbfaec48668f4f3bd76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 151
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 86Q4vnsBu7tdxgKq9bMbeaHupkpnoUb9PYWapmoQYiEP48l701FVbw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 67ms
19ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 63ms
23ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
429 B 76ms
18ms XHR
text/plain 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=157269&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:40:00 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.69], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.thestar.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Fri, 06 May 2022 10:40:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 501 KB
81 KB 546ms
516ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2894988096418734&correlator=205049684126067&eid=31067436&output=ldjh&gdfp_req=1&vrg=2022050301&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=1x1%2C728x90%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C300x250%7C300x600&ifi=1&adks=2173569469%2C1887631228%2C1330620275%2C3893840796%2C3893840797%2C3893840798%2C3893840799%2C1330620276&sfv=1-0-38&ecs=20220506&fsapi=false&prev_scp=pos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D86886%252Crts%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cgv_arms%252Cmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26tkspo%3D20%26env%3Dbeta%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cts_pl_nws_lctns_cnd_prvncl%252Cts_pl_nws_lctns_cnd_ntnl%252Cts_ent_evnt_attr_gnrl%252Cgv_crime%252Cgs_business%252Cts_sprts_ctvty_bsbll%252Cgs_entertain%252Cgs_covid19%252Cgs_politics%252Cts_bz_ndstry_gnrl%252Cgs_politics_misc%252Cpr_test%252Cgt_negative%252Cgv_death_injury%252Cgs_news_and_weather%252Cgs_home_property%252Cgv_arms%252Cgt_negative_anger%252Cts_ent_evnt_attr_sprtng_vnts%252Cgs_business_misc%252Cts_real_estate%252Cts_bz_b2b_fld_mrktng_dvrtsng%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub&ppid=09947063024101685493175548010215576854&sc=1&cookie_enabled=1&abxe=1&dt=1651833600266&lmt=1651833600&dlt=1651833597074&idt=2490&biw=1600&bih=1200&adxs=0%2C436%2C1059%2C436%2C436%2C436%2C436%2C245&adys=0%2C0%2C986%2C4784%2C6057%2C7234%2C8585%2C2766&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250&msz=1x-1%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250&fws=0%2C0%2C512%2C0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=2125406013.1651833598&ga_sid=1651833600&ga_hid=1923401375&ga_fc=true&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

35b05139b676464424e318722af58bfee177b38edf5daf437c0331cc318096be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82600
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a7b03a2c8dad49321da9128d5bd0bc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F77 6 KB
4 KB 65ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7b03a2c8dad49321da9128d5bd0bc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 10:40:00 GMT
expires: Sat, 06 May 2023 10:40:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3705.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 75ms
13ms Image
image/png 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3705.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

4ebb8485b400a9023b86f17f168967840bcb1cfc68a2b0f6f92ea6026d0c3fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1a01"
x-varnish: 636879884 635149589
cache-control: max-age=86400
date: Fri, 06 May 2022 10:40:00 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6657
server: nginx/1.10.3
expires: Sat, 07 May 2022 10:40:00 GMT

GET
H2 200 3682.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 76ms
14ms Image
image/png 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3682.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d21cdd2d2f8a1dad3f6e38a8fef966c2695eea4140b6445372215c156751fd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-1c77"
x-varnish: 13380589 11874000
cache-control: max-age=86400
date: Fri, 06 May 2022 10:40:00 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 7287
server: nginx
expires: Sat, 07 May 2022 10:40:00 GMT

GET
H2 200 3684.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 86ms
24ms Image
image/png 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3684.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

282d282212de3d1a0a5c509b47b188e2a6bdc365daab73a3782ed6c6295c4805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-12ed"
x-varnish: 234926999 234455196
cache-control: max-age=86400
date: Fri, 06 May 2022 10:40:00 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 4845
server: nginx/1.10.3
expires: Sat, 07 May 2022 10:40:00 GMT

GET
H2 200 3679.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 86ms
24ms Image
image/png 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3679.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-170f"
x-varnish: 243709594 241935812
cache-control: max-age=86400
date: Fri, 06 May 2022 10:40:00 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5903
server: nginx/1.10.3
expires: Sat, 07 May 2022 10:40:00 GMT

GET
H2 200 3680.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 87ms
25ms Image
image/png 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3680.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

306a5803d8d3c092d2c56e3e4351171230585330e43ce1862b80f0901e58db3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-181e"
x-varnish: 306157237 306088487
cache-control: max-age=86400
date: Fri, 06 May 2022 10:40:00 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6174
server: nginx/1.10.3
expires: Sat, 07 May 2022 10:40:00 GMT

GET
H2 200 3677.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 89ms
27ms Image
image/png 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3677.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1b1f"
x-varnish: 289931421 289704326
cache-control: max-age=86400
date: Fri, 06 May 2022 10:40:00 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6943
server: nginx/1.10.3
expires: Sat, 07 May 2022 10:40:00 GMT

GET
H2 200 3693.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 15ms
15ms Image
image/png 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3693.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-198d"
x-varnish: 14846745 13741899
cache-control: max-age=86400
date: Fri, 06 May 2022 10:40:00 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6541
server: nginx/1.10.3
expires: Sat, 07 May 2022 10:40:00 GMT

GET
H2 200 3694.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 17ms
16ms Image
image/png 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3694.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5256e20d2385d02616639e72c3bc01f6b1ffbe75c2838d82cd25b93d0a35e1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1648"
x-varnish: 14530571 14616318
cache-control: max-age=86400
date: Fri, 06 May 2022 10:40:00 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5704
server: nginx/1.10.3
expires: Sat, 07 May 2022 10:40:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1651833597770&de=478503506507&rx=753304624932&m=0&ar=bee2df476bf-clean&iw=d6445bb&q=1&cb=0&cu=1651833597770&ll=2&lm=0&ln=0&em=0&en=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&ac=1&it=500&pe=1%3A1241%3A1779%3A0%3A1353&fs=198121&na=909084192&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 May 2022 10:40:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 62ms
28ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1ac7ae8ccf36d971f147fe1b4902f0ffcfded440423fbb9d093708ed0d260a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10626
x-xss-protection: 0

GET
H2 200 33433943 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 6 KB
3 KB 16ms
16ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/33433943

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.18

Resource Hash

385e2022b954a1472bdd8f6a1310b6adab1dbf664ac78e37e93b09ed4474a032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"7ff4a5c4e156c2eaa596cf784ca61cafe8876e79"
xip: 168.119.68.125
x-srv: fishnet-prod-feedsbackvar07
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-narlgiqb
grace: none
content-length: 2074
x-feeds-fv: feeds-prod-vie1-var-jf
last-modified: Fri, 06 May 2022 08:25:58 GMT
server: nginx/1.10.3
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 469353105 472719812, 439008471
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web04
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 11:25:58 GMT

GET
H2 200 33433945 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 6 KB
3 KB 19ms
19ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/33433945

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.18

Resource Hash

d9a0409f5d53b7ec623bbd8cedda1bf0bb6a97b732d1968d9f6a3a5baacce12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"3d144e084286535b9a9dc486a144b852c03d1b7e"
xip: 212.34.73.12
x-srv: fishnet-prod-feedsbackvar01
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-iwmuszgd
grace: none
content-length: 2056
x-feeds-fv: feeds-prod-euc1-fvauto-0d9cfedd4f323b264
last-modified: Fri, 06 May 2022 08:16:14 GMT
server: nginx/1.18.0 (Ubuntu)
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 347313742, 201113786 214852559
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web03
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 11:16:14 GMT

GET
H2 200 33433947 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
2 KB 19ms
19ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/33433947

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.18

Resource Hash

acf67a87d897087391bc95db43760a84a7355298dfdd3e3ebc37f8ec2fee7a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"f39b5c688a01c13bf054f6492d9acabb74ca3696"
xip: 168.119.68.241
x-srv: fishnet-prod-feedsbackvar03
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-prod-zrh5-web4
grace: none
content-length: 1804
x-feeds-fv: feeds-prod-vie1-var-az
last-modified: Fri, 06 May 2022 10:07:25 GMT
server: nginx/1.10.3
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 478101706, 457004758
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3547
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh5_web4
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 11:08:17 GMT

GET
H2 200 33433949 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
2 KB 42ms
42ms XHR
application/json 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/33433949

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.18

Resource Hash

44ddf2664ae0311f45e4410248cbb58368f1acaf5ad7a9e03f18fbd2b05bb336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"f3cecaafe00bd653a722c08ce45b9bdc371226ca"
xip: 2001:ac8:20:3d00:1011:d149:cae2:f3c4
x-srv: fishnet-prod-feedsbackvar07
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-hfhmiray
grace: none
content-length: 1796
x-feeds-fv: feeds-prod-vie1-var-ob
last-modified: Fri, 06 May 2022 10:16:15 GMT
server: nginx/1.10.3
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 486670990 479449256, 452803685 269833865
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web06
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 06 May 2022 11:16:15 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 24 KB
7 KB 62ms
18ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 18 Apr 2022 22:30:59 GMT
server: snooserv
etag: "5dcf2f59e7a6e0d30193fedad78db790"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7461

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 62ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14B4E5D1D3F64437BE7C4E2C8155AE8B Ref B: FRAEDGE1410 Ref C: 2022-05-06T10:40:00Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 06 May 2022 10:40:00 GMT
accept-ranges: bytes
content-length: 11347

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 72ms
17ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dcd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:40:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=79354
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 28 KB
9 KB 11ms
11ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 16:26:14 GMT
etag: "1ce6e12fa6e9b18909e94a06df1ef9cb+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 9561
x-served-by: cache-iad-kjyo7100161-IAD, cache-muc13930-MUC

GET
H2 200 B24540798.279406836;sz=1x2;ord=960782536410 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 32 KB
12 KB 74ms
38ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=960782536410?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f6.1e100.net

Software

cafe /

Resource Hash

fd69dbb68b524b4f5be33f3edd8b63deae0e0818ee7f483cf952f7b1fa708aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11825
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
35 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9de5b2503ac61eb67ab8d1847385e053679aa742ae58180bd932b773d03f83bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35441
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:40:00 GMT

GET
H2 200 2022-q2-shop-election Show response
www.thestar.com/api/overlaydatarule/ 28 KB
6 KB 110ms
109ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/2022-q2-shop-election

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d68bd5fe54c3b8b7c86114f44c46ceb593560db1b82cce22919b0591effcc5e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"703f-FEf57pcVtMGve9IatInV/X866tc"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: xr55GeWcahvUJqumfJssy2B-coSa6bDyXWwOZlFM0G8Ea6akbfOBDw==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
14ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=https%3A%2F%2Fwww.thestar.com%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-bWPkbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-%2BA%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1651833597770&de=478503506507&rx=753304624932&cu=1651833597770&m=2703&ar=bee2df476bf-clean&iw=d6445bb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11534&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1241%3A1779%3A0%3A1353&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=520371784&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 May 2022 10:40:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 57ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 May 2022 10:40:00 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 21ms
21ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
101 B 122ms
122ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=52f79580-01b1-4427-ae96-6919cd5f2eb3&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 115
date: Fri, 06 May 2022 10:39:59 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 0969d60a1455c889abdbda823cbe95c14f682e81cd312734db324498e0eee7a7
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
101 B 130ms
129ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=52f79580-01b1-4427-ae96-6919cd5f2eb3&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 123
date: Fri, 06 May 2022 10:40:00 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c6231f4e703d850fd2ff5703f07e89d658a2fc4bedcd455774919c769008d11f
content-length: 43

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 193ms
136ms Image
image/gif 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1651833600577&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=f0c0ad04-ecdb-4db6-9c7b-b79397a3b942&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651833600581&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1651833600581%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651833600581&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651833600581&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQK7EFCpEiw7ZQAAAYCY9HzwwIorWXVXb89lXv2BbxG_...

0
265 B

263ms
217ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651833600581&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQK7EFCpEiw7ZQAAAYCY9HzwwIorWXVXb89lXv2BbxG_BRP-JvaQUz6JgAczbNntYTrK0tSZD3rsS4T0yRsik3z_STo7HA
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:01 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4E64271FF3814ADCA225CFC5AB54C270 Ref B: VIEEDGE1615 Ref C: 2022-05-06T10:40:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXeVXsL6dV7sutPVnkGKQ==
x-li-fabric: prod-lor1

Redirect headers

date: Fri, 06 May 2022 10:40:00 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9A9A83C5414C42318604AB6600BC1BFC Ref B: FRAEDGE1210 Ref C: 2022-05-06T10:40:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651833600581&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQK7EFCpEiw7ZQAAAYCY9HzwwIorWXVXb89lXv2BbxG_BRP-JvaQUz6JgAczbNntYTrK0tSZD3rsS4T0yRsik3z_STo7HA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXeVXsH21rZgyAi1zf7oA==

GET
H2 200 13008914.js Show response
bat.bing.com/p/action/ 1 KB
1 KB 175ms
175ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2db3d4514e9fcf4f45b3047b46b8a71945a278e111a68fac7138b1832ba3e270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE96F8568D50471F8CC4E45ADC13D315 Ref B: FRAEDGE1410 Ref C: 2022-05-06T10:40:00Z
date: Fri, 06 May 2022 10:40:00 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 907

GET
H2 204 0
bat.bing.com/action/ 0
174 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&tm=gtm002&Ver=2&mid=80840694-d7b7-4246-ba7b-f4fdca274b9a&sid=e16b5d60cd2811ecb8965bd033b4acfd&vid=e16b7a90cd2811ec8ed315dbeb064cb6&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=3770&evt=pageLoad&msclkid=N&sv=1&rn=237585

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5F400E0614F4D4EA3856F9327A10085 Ref B: FRAEDGE1410 Ref C: 2022-05-06T10:40:00Z
date: Fri, 06 May 2022 10:40:00 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/ 8 KB
3 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=960782536410?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 May 2022 10:31:40 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
575 B 77ms
41ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDAwnZjT8VUogEyZm3SMlu-O_SLpyaVFYHj6pEdhSN49vy5kXYZaHOUIE9XX-DWINgX38v-ytfs_KJ4ilGSovHii8dagKKB3IkSJw8vUdKkb1I-vkfJzlDVhKOTZnx__1w2Q&sig=Cg0ArKJSzN-ETFd4DI3tEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20220504.78897&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=960782536410?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 10:40:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63EC 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 09:19:46 GMT
expires: Sat, 06 May 2023 09:19:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E2CD 783 B
1 KB 40ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eff365c13cb9ef7973e8dc850f8ff6cf95bd3659d9cc60289a88ffd977bedba3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eRjBE09ulvuRw4AS0H3jZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-eRjBE09ulvuRw4AS0H3jZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 10:40:00 GMT
expires: Fri, 06 May 2022 10:40:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 64 KB
12 KB 116ms
115ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=00a3d083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4a58f25d43c1cc5f94f657d63ddefac59f22e9281cb0285cb0f9f7d6aa971046

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"100f2-xSm8iRnRiJ03Nc8UpiEGOH8R1tc"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: XCBEe8HClJWH8O0b6uqtfGRinNGSxsyrzasmQmqkypS253TxIQo13g==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

GET
H3 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame 63EC 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 225614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 19:59:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E2CD 0
0 56ms
55ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050301&jk=2894988096418734&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 63EC 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?scXSOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 clarity.js Show response
k.clarity.ms/s/0.6.34/ 53 KB
23 KB 305ms
101ms Script
application/javascript 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/13008914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:00 GMT
content-encoding: br
etag: "1d85e80e187b254"
last-modified: Tue, 03 May 2022 00:01:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=137FCCF7A8C84786AC0D44064A44790A&RedC=c.clarity.ms&MXFR=0ADB6583F4E0666C3F91741FF0E068DD
https://c.clarity.ms/c.gif?CtsSyncId=137FCCF7A8C84786AC0D44064A44790A&MUID=252C27BABACC62E004FC3626BBA763E5

42 B
369 B

27ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=137FCCF7A8C84786AC0D44064A44790A&MUID=252C27BABACC62E004FC3626BBA763E5
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:00 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70D1C780F6114E6998F90CDE95247068 Ref B: FRAEDGE1410 Ref C: 2022-05-06T10:40:00Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=137FCCF7A8C84786AC0D44064A44790A&MUID=252C27BABACC62E004FC3626BBA763E5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 8650 222 KB
62 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 425310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8650 16 KB
6 KB 65ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 425309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8650 96 KB
29 KB 66ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 06 May 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 May 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8650 5 KB
2 KB 67ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 06 May 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 May 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8650 42 KB
13 KB 68ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 425310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:30 GMT

GET
DATA 200
OK truncated
/ Frame 8650 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0208d2cf55af767395072e31d2bbcc80f0deb2e5f6f8f0c0a90c408a69145d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 10579467131509765707
tpc.googlesyndication.com/simgad/ Frame 8650 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10579467131509765707?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qncEYvC3_8lUCGC5JXOdQsn1CmDHg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90310e37456802560c9afb1d25bd9c5c6be958f99080084dedefbea93c812615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 20:01:53 GMT
x-content-type-options: nosniff
age: 52687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8112
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 10:40:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 May 2023 20:01:53 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8650 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 56412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 06 May 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8650 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 17786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 07 May 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8650 0
0 33ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJMQMN3-bi1bfeAini8BeSNxtEumvgDcGYG9QkG8yByxV_i8JGVvNP_9snp1do8RQ2odE0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8650 0
0 55ms
54ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CluD0APt0YsDfFpOT3gPSh5_oB6mGpKRohqPijOoO0LbEzLkqEAEgx-v2HmCVmpKCoAegAZXYtcgDyAECqQLBHsrX8760PuACAKgDAcgDCKoElQJP0FQzjnXtWnRscAGcuN26pwYwsvbmVH3yydykC_IPwtYBEglg05-aj2KuMSL4C8eGveaLoXyFmeXFEPfucvkhWCPD7jmOmNN8piYxTFweM8DKzg1Ic7TyAJnQlwHkNpct88qvcZw_7PtXPv0U4tJ87jsLYiCXBzbDalaXdBEca63Jhnylpk7IJp3ILVwsFokhE9mh2VYuCbQB-_JuAEcVVvUiBRbb5as-8EeU3HInl9OwmGTmXH6CZ1CAAIGBBIhn5Dr5E424MslfJ4GbSt3wAWIoUXVMkKcUiLZzhboLqIJviYdjCl2c6-7SfNshoojaqs05CcziqHeD62V13xVf0Ngb7GSUOsj8x22VTQbYaPjabSBXwATT2vD69QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH3Zz1YqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOi5BdIICQiI4YBwEAEYXYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi04MTg4NDMxNDI1NTA5OTk3GJSZFA&sigh=_UnoN6xbluo&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 9B4A 222 KB
61 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 425310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9B4A 16 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 425309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9B4A 96 KB
29 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 06 May 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 May 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9B4A 5 KB
2 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 06 May 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 May 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9B4A 42 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 425310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:30 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B4A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 56412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 06 May 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B4A 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 17786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 07 May 2022 05:43:34 GMT

GET
DATA 200
OK truncated
/ Frame 9B4A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca1767484fc7a3115ec42ca4f5b871482cf2ee0d7f62b2cfbe150ba50002039b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 11121502520788263267
tpc.googlesyndication.com/daca_images/simgad/ Frame 9B4A 46 KB
46 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11121502520788263267

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ab3f6ed24399f1ce91ad32a3903471f4a9dc8029703d6f6eff30c81f0e97652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 12:42:00 GMT
x-content-type-options: nosniff
age: 79080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46926
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:19:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 May 2023 12:42:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9B4A 0
0 23ms
16ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoBNS2L_lQ9ySV9HBCjV9QcE_GS1WlNWsWm_eWdYB9pdNWJq0H_k0Ex-xqqlaeHpxH4gG9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9B4A 0
0 56ms
55ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CboiCAPt0YsHfFpOT3gPSh5_oB9bH_-hp6vbU1_EPChABIMfr9h5glZqSgqAHoAGWgZ_VAcgBAqkCsnRsOjQZgT7gAgCoAwHIAwiqBJUCT9AuslAPBwDkOW3c2ddUZahGRT3d_xPLepk-k6sxB6hoAgkqzmFSkmE8LFviCgXAVaOHzk2Z9bX7R02pNUzX1J3p8JgaPPNKVAPu4xzM-ucg_2YVmiL9-ZkAMCuE1mDx6ZIvhOwrortrQprDCL8ue_TaPhXINO2IkG6DuL3zMaazmZfBUw3JaywfdQFEGzcJxOc8EZbFUUOxgnqUfGk2IjbuFxyxwXsHq45mJQaCyjUHIqCSQNcD9gUyrXuFnqyZs-jYQTrp5d6IOXB6uWjV_VqimOgaFEdXG6zkn2OItjRVcVZGiRxhzihiEOvXbEVxJefwbuq5Ovh2w0hOWYmwzoXjzHA7Pn_EmSXaCl_ogWmabUiLXcAEzfvKs_MD4AQBkgUECAQYAZIFBAgFGASgBgKAB-jOvKsCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0IAa0ggJCIjhgHAQARhdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=DMdeC7TE2xA&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 12 KB
5 KB 8ms
8ms Script
text/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5f0743d47591bad3a29481a356f318ece9db2782b3c74773b26fef6732468bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:32:27 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 10:31:38 GMT
server: AmazonS3
age: 454
etag: W/"85ed931307bcdaa98762074c68a92763"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: qbT_IAm9KR4XMi8OxBzFV0iWN146bJqm
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: GUQe8JYSzu7U-ZxnvhbkUEX7pFa0m4yRXsD2MtdRVd1FKfkqOYh1wg==

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8650
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

99ms
98ms

Image
text/html

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date: Fri, 06 May 2022 10:40:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9B4A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

73ms
73ms

Image
text/html

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date: Fri, 06 May 2022 10:40:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 1 KB
1 KB 9ms
8ms Script
text/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 777a84c87cbb0f4e41f7eb0ae5c867a2adcc60098e087cba411ea0b89af32164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:32:27 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 10:31:38 GMT
server: AmazonS3
age: 455
etag: W/"67b9582dd9297145434e89ced25de763"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: kd95A1vvwdBF0..MTlgMCD7u7At.x6Bm
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: 7UO6Y7Dv7bMCZxsXBqC3GqD0DW_6Zl88LRFnQ-g28B8zAUX6TDfUJg==

GET
H3 200 549886031832745 Show response
connect.facebook.net/signals/config/ 488 KB
143 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a8d4cbc228f97a7d78877a50fe778cb22bbb1f1a5134aa2afca894b1cf0251e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 146628
x-xss-protection: 0
pragma: public
x-fb-debug: VyH6sosYBqL1xfoMYLITe4aoA4CnLM9TKobvexodaHU0AZd4dDg6w76Wu4BXLBC/r2Ge3C7anUfS/MxKUhlumQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 06 May 2022 10:40:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RC304342cd3a9f487980371091639a8dc3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 813 B
1 KB 8ms
8ms Script
text/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC304342cd3a9f487980371091639a8dc3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb25d9cbb5a59405edffa4ebd26f8d18f84059c1071c3387b155aa3508bbb32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:32:28 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:31:38 GMT
server: AmazonS3
age: 454
etag: "86c26ad809d1d092dc87a6b25743fdd6"
x-cache: Hit from cloudfront
x-amz-version-id: MnrNKSJ5Jl6_INMYHY9uMrJuCsGZUdXm
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 813
x-amz-cf-id: Xvrwhv-hkZC375RQ2plsd-OBUFyk-ncSAudhiDIqCm_7URw-R_Ga8Q==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050301&jk=2894988096418734&bg=!bG-lbyvNAAZX5TVhd-U7ACkAdvg8WioBrcl7yBb2gbIfbKbHyqFTR_bEe4AT-CxG5e9n59jrW4PalwIAAABNUgAAAAFoAQeZAqEU3GNMBlowGkVfz6h4CMAREOT-c62S_omKr3jnSBNOXZdzTYNoK0w3Blt5uihO_SrH9F6H88FHZ5M0A6t90Ib2QgZ7Y-VNpgyOcgiuLLUcJlYcii5rcm2Rb5vr3Th8VR8R6kXJJ-V6HK6Q5ktQ77R9DzaD__hnAwXjuA1OpQsDzlL_8e4krmJNcED3oc6U2RRFrX5wmGwPRFBK4tRUwf3OkUYsUCaupzfjivBcXNMHDFDW69DOrVdQBX-0abu5g2KBT1IMejQRTjDKP2X7M83r9Ti12M_lFP_8lnJrtyFUKgCmoE5-UcOLbJSebm9FS206T1vdjdyfkAvoeVH9Yfqvz_GYtVh3VuGo7rMPfqYV4yoNO1DMrMhkN4ysInL2XRNfPzvH81BlsUkxM53rxBbL30MtqU61vesfNcLPeQPQ7CeQKWpoMIDJEJUcipfLLCrIUtrXwmp3qxh8rhFwXcsOBDpWXy_u91oJUli0qkP3zIelX1re-iLx32WgOsYHodOwsSuNJNntraoOzm6C-g_Hga8bBvavCBbc1GiEL95_yYPMntXTvN3x1esFYvcP2JSqs0tmOZbKkpXaqLlbpYWWP4TD7zyP0SRCLHEfwLbUI6QVEGvIFndiTxsPH-sIkPv3yMDmp19Sd4Z4-CB6ldC8M7-ED05pqkP7ecqzyPg52KWND0PiMo64COsFnD-e9E2miWzxL4eDJJV6luebaZz8LvfmFzOLgidGWBMiy9VWJvy9zh_ELoobw0BFf2jr8Wkub4Ju4-pgz-j8cP7mbnsLQG-ZgiAGC5Y2q7YDZ6WftweY2lfAk9NPXnrdZ8tP3m-5eBxBk2WMPhJCEz9wUG63H6mp7BkRwOnEvasrkTNqvCwUMDdUVT_vtpq94zT6uciH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 RC518669eb80134c629229b164ea843f63-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 2 KB
1 KB 9ms
9ms Script
text/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b36fa770af76aff69aee3c11fd279c11ec6fe7782f1d56f74cb35e12e13bf58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:32:28 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 10:31:38 GMT
server: AmazonS3
age: 454
etag: W/"56580e08fd755b9ad73f8d95dd759ed9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: I6OkLiZG_amPmecRtUpYLo.6jgCkdeOA
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: Q621qlVlXAKpWCXgfbwpv02de3tMrPnDnzgERj8JMQwSfWTLtBUF3A==

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
101 B 130ms
130ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=39ea1a23-4e09-4422-8eb8-1ef96ba5b97b&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 123
date: Fri, 06 May 2022 10:40:00 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 0969d60a1455c889abdbda823cbe95c14f682e81cd312734db324498e0eee7a7
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
101 B 116ms
115ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=39ea1a23-4e09-4422-8eb8-1ef96ba5b97b&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 06 May 2022 10:40:01 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c6231f4e703d850fd2ff5703f07e89d658a2fc4bedcd455774919c769008d11f
content-length: 43

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a3321651823cc367498a1731e258afc6f7ebadf9fdd2b81b4160f0e9dcc6b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44212
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:40:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec4045d6fd0204867ed65e0ca1dad0bfe2a4a3c703340a8ada178d3559150e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40187
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:40:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb1225ddd01e8276f0e9690183ec1462588197991ece003e14f3ce4f10457ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44215
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:40:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d21204b449462697775d80923f70526b729701c6a0293fdfc877ce7cdf2a37a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40204
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:40:01 GMT

GET
H2 200 RC2f54281ab7324fd39f76106466b9b969-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 1 KB
1023 B 8ms
8ms Script
text/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC2f54281ab7324fd39f76106466b9b969-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1760d8053ceef9944a42943f4e1ff5809be73c14149145e106b04933c541874a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:32:29 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 10:31:38 GMT
server: AmazonS3
age: 453
etag: W/"96d9a3d818eae6b405e8a95ba7c1ef3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: bqzkvOXnQHSyr.T6WI5oUoAYKZM_G.8.
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: RagOIgL7Baaz320KQkNAxXLD4ORXtcQCg5SSYoiXSEenKP_yntz9MQ==

POST
H2 204 collect Show response
k.clarity.ms/ 0
93 B 96ms
96ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Fri, 06 May 2022 10:40:01 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 200 events Show response
hetbxw.thestar.com/ 0
163 B 292ms
94ms XHR
text/plain 3.94.162.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hetbxw.thestar.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.58&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.94.162.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-162-19.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thestar.com
date: Fri, 06 May 2022 10:40:01 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 23ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1651833601369&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1651833601365.631982762&eid=ob3_plugin-set_70e7697b2487620b082976dca3374043b763c335abccb909aadb663e71dbf256&it=1651833601283&coo=false&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 06 May 2022 10:40:01 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 218ms
127ms Script
application/javascript 2a02:26f0:3500:89a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:89a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 48ms
26ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 May 2022 10:40:01 GMT

GET
H3

200

activityi;dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame 443A
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww...

409 B
362 B

43ms
26ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f6.1e100.net

Software

cafe /

Resource Hash

aac04082e661e86dc1d83cf05890520521b8c4200c03e0971cf77504d2b50186

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 10:40:01 GMT
expires: Fri, 06 May 2022 10:40:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 10:40:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
1 KB 27ms
26ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1651833601446&cv=9&fst=1651833601446&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ad9f5f671698e04cc215d01e86e3f5ed3cf9fb2fe5130bda534dd23a9fd622cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1651833601446&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=3153370678&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698108511/ 42 B
548 B 42ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108511/?random=1651833601446&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=3153370678&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
adservice.google.com/ddm/fls/z/ Frame 443A 42 B
63 B 59ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CKSOrNjXyvcCFRsfBgAdbiULsw;src=10230056;type=ret01;cat=land01;ord=8055706928415;gtm=2od540;auiddc=1291802354.1651833601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 117ms
117ms Script
application/javascript 2a02:26f0:3500:89a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:89a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
831 B 92ms
40ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612846434758&cb=1651833601721

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:01 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.916656b8.1651833601.408f9013
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1418207654680161
pin-unauth: dWlkPU9HVTNPV0l5TkdZdE1EaGhaQzAwWVdReExUazJOR0V0TXpOaVkyTTRNell4TVdVNA
access-control-allow-origin: https://www.thestar.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 349
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 90ms
41ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1651833601723

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:01 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.916656b8.1651833601.408f9023
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1626179910578916
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 events Show response
hetbxw.thestar.com/ 0
162 B 94ms
94ms XHR
text/plain 3.94.162.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hetbxw.thestar.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.58&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.94.162.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-162-19.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thestar.com
date: Fri, 06 May 2022 10:40:01 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A81B 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.thestar.com
Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 10:40:01 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 s74221723314400 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.4-LCS4/ 43 B
351 B 17ms
16ms XHR
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.4-LCS4/s74221723314400

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 May 2022 10:40:02 GMT
x-content-type-options: nosniff
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 May 2022 10:40:02 GMT
server: jag
xserver: anedge-b4b698fcd-qllrd
etag: 3547285649784242176-4619633733901990654
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Thu, 05 May 2022 10:40:02 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8650 42 B
64 B 43ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZzQ3HVDNPAP0ndU8L7jE310yg_KHMaj2_ih8slysiX-3rpEBaTw0JcefbbutsHNbhlZiK0AtezTOgqU8ptr0-gbVoKkXdIdNUW4ZIKsb1hFS6uB_PrAdk5ph5&sai=AMfl-YRVxFx380oDXkT-rrl5u2hFQQlZD-kMKaN5MkQUcZN_u-oq-ughVRKq1XWhmyNGZ3xV6jLr8yxQ0HmWXOzTiZzXvrvINDnOleVDu5aH4api_R_YYbvH2253FEZVhiRR&sig=Cg0ArKJSzJl3wpMvWWU7EAE&cid=CAQSPwCNIrLMabplGwBXmblu2m2Rv0TRUuIkEnNX_M82urb6M_H5zreW5aSkQkYgDvdyUBPbdB0jjvouxqKU4eh2vg&id=ampim&o=436,10&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=418&tls=1418&g=100&h=100&tt=1419&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 21ms
19ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: ca23675444cc6935c5bea16720ec7f72d49336cc56e44cac9da80afe12864d47

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 06 May 2022 10:40:02 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
via: 1.1 google

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame 5AFD 11 KB
12 KB 36ms
32ms Document
text/html 34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=937a3e75-e203-420a-aa79-413aae58f494&publisherId=TKN100000001&siteId=4204204311&cb=1651833600060&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d56d3e71b2453fa9b46b097ce633355e153b3b205e5d779d8c4bdb6c4458687b

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 11722
content-type: text/html; charset=utf-8
date: Fri, 06 May 2022 10:40:03 GMT
expires: 0
last-modified: Fri, 06 May 2022 07:36:05 GMT
pragma: no-cache
vary: Origin

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame 5AFD 4 KB
4 KB 31ms
31ms XHR
text/plain 34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=937a3e75-e203-420a-aa79-413aae58f494&publisherId=TKN100000001&siteId=4204204311&cb=1651833600060&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 864c0d6d08c81313bcd38345a53466ace3ce681a077d507d90bca39daaa31dce

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=937a3e75-e203-420a-aa79-413aae58f494&publisherId=TKN100000001&siteId=4204204311&cb=1651833600060&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:03 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26uid%3D...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=9036307283508822255

0
359 B

31ms
31ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=9036307283508822255
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=9036307283508822255
date: Fri, 06 May 2022 10:40:02 GMT
content-length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=095934ee-a72b-4ae5-8318-c8ca6d452a29

0
491 B

31ms
30ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=095934ee-a72b-4ae5-8318-c8ca6d452a29
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=095934ee-a72b-4ae5-8318-c8ca6d452a29
date: Fri, 06 May 2022 10:40:03 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 23ms
22ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:40:03 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 22ms
22ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 06 May 2022 10:40:02 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADc_E7E6fYAAEBOACam2Q

0
608 B

32ms
31ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADc_E7E6fYAAEBOACam2Q
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADc_E7E6fYAAEBOACam2Q
Date: Fri, 06 May 2022 10:40:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5AFD 70 B
264 B 31ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET 101995
dmx.districtm.io/s/v1/img/s/ Frame 5AFD 0
0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 5AFD 0
277 B 53ms
15ms Image
text/plain 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 06 May 2022 10:40:03 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 5AFD 43 B
350 B 36ms
15ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b86td0tu7telde11p3lgaaq4e939juj1

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2691922455373168941717

0
723 B

32ms
31ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2691922455373168941717
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2691922455373168941717
date: Fri, 06 May 2022 10:40:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5AFD 0
239 B 47ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=189937&C=1
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YnT7BJ1gPRk.onDjCMSdaQAA%261174

0
844 B

32ms
31ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YnT7BJ1gPRk.onDjCMSdaQAA%261174
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:40:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YnT7BJ1gPRk.onDjCMSdaQAA%261174
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 303
Expires: Fri, 06 May 2022 10:40:04 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
14ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=4&q=0&ai=6354&wr=6353&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-bWPkbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-%2BA%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=11519&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=11534&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1651833597770&de=478503506507&rx=753304624932&cu=1651833597770&m=6354&ar=bee2df476bf-clean&iw=d6445bb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1241%3A1779%3A3770%3A1353&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3602&cd=0&ah=3602&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=1539951096&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 May 2022 10:40:04 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 5AFD 43 B
106 B 69ms
20ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_priva...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us...
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=582c53a0-7554-4e06-baa5-97b975455643

0
964 B

31ms
30ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=582c53a0-7554-4e06-baa5-97b975455643
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=582c53a0-7554-4e06-baa5-97b975455643
Date: Fri, 06 May 2022 10:40:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%...
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3...
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=45bdfe3b-7af7-485d-9cd5-baa0f6b1f08c

0
1 KB

31ms
31ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=45bdfe3b-7af7-485d-9cd5-baa0f6b1f08c
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=45bdfe3b-7af7-485d-9cd5-baa0f6b1f08c
date: Fri, 06 May 2022 10:40:04 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 151
content-type: text/html; charset=utf-8

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=edbbe365-ffdb-4c3e-af76-4101e45a10bc

0
1 KB

32ms
32ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=edbbe365-ffdb-4c3e-af76-4101e45a10bc
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=edbbe365-ffdb-4c3e-af76-4101e45a10bc
date: Fri, 06 May 2022 10:40:04 GMT
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F152 15 KB
6 KB 232ms
16ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=937a3e75-e203-420a-aa79-413aae58f494&publisherId=TKN100000001&siteId=4204204311&cb=1651833600060&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=61872
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 06 May 2022 10:40:04 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 07 May 2022 03:51:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F152 2 KB
3 KB 1127ms
155ms Script
text/html 192.82.242.209

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39364152&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.82.242.209 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bd8d6b5a9143e816843adc9330162c21631fd56a41efdfda47abb104de72550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:04 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=31&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-bWPkbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-%2BA%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&fl=1&j=&xc=0&xb=0&xa=0&md=10&mc=0&lb=11519&ld=1200&lc=0&la=0&cw=1600&cx=1200&sh=11519&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1651833597770&de=478503506507&rx=753304624932&cu=1651833597770&m=7356&ar=bee2df476bf-clean&iw=d6445bb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1241%3A1779%3A3770%3A1353&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4604&cd=3602&ah=4604&am=3602&xd=00&rf=0&re=0&wb=1&ai=6354&wr=6353&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=756243991&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 May 2022 10:40:05 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-bWPkbBsgY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-%2BA%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&fl=1&j=&xc=0&xb=0&xa=0&md=10&mc=10&lb=11519&ld=1200&lc=1200&la=1200&cw=1600&cx=1200&sh=11519&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1651833597770&de=478503506507&rx=753304624932&cu=1651833597770&m=7820&ar=bee2df476bf-clean&iw=d6445bb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1241%3A1779%3A3770%3A1353&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5011&cd=4604&ah=5011&am=4604&xd=00&rf=0&re=0&wb=1&ai=6354&wr=6353&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=1704695988&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 May 2022 10:40:05 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 37D7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E1D64D11-8630-4ED4-8E3C-282783DB77B7
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1D64D11-8630-4ED4-8E3C-282783DB77B7

35 B
468 B

17ms
17ms

Document
image/gif

37.157.3.29

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1D64D11-8630-4ED4-8E3C-282783DB77B7

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 06 May 2022 10:40:06 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 06 May 2022 10:40:06 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1D64D11-8630-4ED4-8E3C-282783DB77B7
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D8E8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnT6-gAAAE86iQP0&gdpr=0&gdpr_consent=

1 B
545 B

247ms
19ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnT6-gAAAE86iQP0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 06 May 2022 10:40:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug010:0:448

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Fri, 06 May 2022 10:40:05 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnT6-gAAAE86iQP0&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4049-HHN
x-timer: S1651833606.990669,VS0,VE0

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 4D33
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEY19FN0U2ZllBQUVCT0FDYW0yUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADc_E7E6fYAAEBOACam2Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

224ms
24ms

Document
image/gif

185.86.139.113

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADc_E7E6fYAAEBOACam2Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Fri, 06 May 2022 10:40:06 GMT
transfer-encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 06 May 2022 10:40:06 GMT
Server: nginx
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADc_E7E6fYAAEBOACam2Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8B90
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:17996274-fb06-4700-89a7-d7463b930d50&gdpr=0&gdpr_consent=

42 B
361 B

32ms
31ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:17996274-fb06-4700-89a7-d7463b930d50&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 06 May 2022 10:40:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug017:0:378

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 06 May 2022 10:40:06 GMT
Expires: Fri, 06 May 2022 10:40:05 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4390 fb8620d master ord-pixel-x56 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:17996274-fb06-4700-89a7-d7463b930d50&gdpr=0&gdpr_consent=

GET
H2 200 setuid Show response
elb.the-ozone-project.com/ Frame 806C 0
1 KB 34ms
31ms Document
text/plain 34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=E1D64D11-8630-4ED4-8E3C-282783DB77B7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 06 May 2022 10:40:05 GMT
expires: 0
pragma: no-cache
vary: Origin

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F152
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4dZNEYYwTtSOPCgng9t3tw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

14ms
14ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:06 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=61870
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sat, 07 May 2022 03:51:16 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame F152 0
98 B 41ms
17ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=E1D64D11-8630-4ED4-8E3C-282783DB77B7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F152
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8ed56274-fb06-4e00-b3b3-edb64bd818c6

0
128 B

363ms
21ms

Image
text/plain

185.64.190.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8ed56274-fb06-4e00-b3b3-edb64bd818c6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 06 May 2022 10:40:06 GMT
Server: MT3 4390 fb8620d master ord-pixel-x20 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8ed56274-fb06-4e00-b3b3-edb64bd818c6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 06 May 2022 10:40:05 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F152
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTFENjREMTEtODYzMC00RUQ0LThFM0MtMjgyNzgzREI3N0I3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
205 B

362ms
14ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:05 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:493
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F152
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE_BfaVzVjZB7u3KtSlPYnE&google_cver=1

42 B
593 B

362ms
14ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE_BfaVzVjZB7u3KtSlPYnE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:04 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:607
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE_BfaVzVjZB7u3KtSlPYnE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F152 43 B
612 B 79ms
19ms Image
image/gif 169.50.137.184

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 05 May 2022 10:40:06 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F152
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2722231321511311565&gdpr=0&gdpr_consent=&us_privacy=

1 B
167 B

192ms
20ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2722231321511311565&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:06 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:542
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2722231321511311565&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 06 May 2022 10:40:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F152 70 B
264 B 34ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 E1D64D11-8630-4ED4-8E3C-282783DB77B7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F152 43 B
986 B 115ms
39ms Image
image/gif 2a05:d018:d29:3602:d584:42d3:abd8:529d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/E1D64D11-8630-4ED4-8E3C-282783DB77B7?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d584:42d3:abd8:529d -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F152
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E1D64D11-8630-4ED4-8E3C-282783DB77B7&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E1D64D11-8630-4ED4-8E3C-282783DB77B7&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jlFhwFFE2uWW88230QSMtckDehXqvJg-~A&gdpr=0&gdpr_consent=

0
260 B

602ms
20ms

Image
text/plain

185.64.190.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jlFhwFFE2uWW88230QSMtckDehXqvJg-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:40:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jlFhwFFE2uWW88230QSMtckDehXqvJg-~A&gdpr=0&gdpr_consent=
date: Fri, 06 May 2022 10:40:06 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 5AFD
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5724650576547633571

0
1 KB

31ms
30ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5724650576547633571
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:40:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:40:06 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d772e9f5-c232-4d3f-a28b-a5a6c0f8c7ed
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5724650576547633571
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

94 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e377.thestar.com/DG/DEFAULT	1970-01-20 12:26:33	Name: BCSessionID Value: 20c35bea-f80a-4e09-8c9b-b758ed84c3fa
torstar.blueconic.net/DG/DEFAULT	1970-01-20 11:36:09	Name: BCSessionID Value: 20c35bea-f80a-4e09-8c9b-b758ed84c3fa
www.thestar.com/	1970-01-20 11:36:09	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 11:36:09	Name: last_visit_bc Value: 1651833597156
.thestar.com/	1970-01-20 11:36:09	Name: bc_tstgrp Value: 9
.thestar.com/	1970-01-20 07:15:31	Name: permutive-id Value: 528cee8b-0283-4dcd-9bde-d9b6d1ce9f8f
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 05:03:02	Name: pxid Value: 46225a85-299d-45e7-9971-e29d053dd3f5
.thestar.com/	1970-01-20 11:37:35	Name: _vwo_uuid_v2 Value: DD8A94E101B63295D9B306C6D341B7C67\|e123d9376196a99423ba2a3d309f901e
.thestar.com/	1970-01-20 05:14:33	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-23 18:26:33	Name: _vwo_uuid Value: DD8A94E101B63295D9B306C6D341B7C67
.thestar.com/	1970-01-20 02:50:35	Name: _vwo_sn Value: 0%3A1
.thestar.com/	1970-01-20 05:00:09	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241651833597%3A93.75778608%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
.t.co/	1970-01-20 20:21:45	Name: muc_ads Value: 26fd9905-b100-4490-8567-5343e08fba5d
.twitter.com/	1970-01-20 20:21:45	Name: personalization_id Value: "v1_kF0hsU1Q78jD+Xy7Ns1BPA=="
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.scorecardresearch.com/	1970-01-20 20:07:21	Name: UID Value: 1418650477bb1588a5a790b1651833598
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 50d341de-d848-4f89-f6ee-29526e07b62f
.thestar.com/	1970-01-20 11:36:09	Name: _ig Value: d4bbce89-584c-482c-ae36-bcb5a2a5e492
.thestar.com/	1970-01-20 20:21:45	Name: local_ga_B4CQN4KW3R Value: GS1.1.1651833598.1.0.1651833598.0
.thestar.com/	1970-01-20 20:21:45	Name: local_ga Value: GA1.1.2125406013.1651833598
.demdex.net/	1970-01-20 07:09:45	Name: demdex Value: 09910530027794767193178650178577518364
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1970-01-20 02:51:59	Name: _gid Value: GA1.2.1484435848.1651833598
.thestar.com/	1970-01-20 02:50:33	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 02:50:33	Name: _gat_UA-73335503-3 Value: 1
.thestar.com/	1970-01-20 20:21:45	Name: _ga_6FZFMVVWVN Value: GS1.1.1651833598.1.0.1651833598.0
.thestar.com/	1970-01-20 02:50:35	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1651833598472%2C%22slts%22:0}
.thestar.com/	1970-01-20 20:21:45	Name: s_ecid Value: MCMID%7C09947063024101685493175548010215576854
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1651833598483
.everesttech.net/	1970-01-20 11:36:09	Name: everest_g_v2 Value: g_surferid~YnT6-gAAAE86iQP0
.dpm.demdex.net/	1970-01-20 07:09:45	Name: dpm Value: 09910530027794767193178650178577518364
.thestar.com/	1970-01-20 20:23:11	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19119%7CMCMID%7C09947063024101685493175548010215576854%7CMCAAMLH-1652438398%7C6%7CMCAAMB-1652438398%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1651840798s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19126%7CvVersion%7C5.4.0
www.thestar.com/	1970-01-20 03:33:45	Name: AccessToken Value: idv2l2ub2q6a18ivxjo7flriaq94bqtum
www.thestar.com/	1970-01-20 02:51:59	Name: ios-smart-banner-shown Value: true
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 12:19:57	Name: _parsely_visitor Value: {%22id%22:%22pid=aeb3c61dcfb7a6338cd6aad55fdc0032%22%2C%22session_count%22:1%2C%22last_session_ts%22:1651833598472}
www.thestar.com/	1970-01-20 11:36:09	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
.www.thestar.com/	1970-01-20 20:21:45	Name: ts_s_ecid Value: MCMID%7C09947063024101685493175548010215576854
www.thestar.com/	1970-01-20 03:33:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.thestar.com/	1970-01-20 20:21:45	Name: _ga Value: GA1.2.2125406013.1651833598
.thestar.com/	1970-01-20 02:50:33	Name: _gat_sirwidgets_0 Value: 1
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 20c35bea-f80a-4e09-8c9b-b758ed84c3fa
torstar.blueconic.net/	1970-01-20 03:00:38	Name: AWSALBCORS Value: EEa1RI9RrZRkzv/NFv8FPHqQ4TnVgt+yhClEEE3SHWgNMHzJkeodH9AArLQWI9AZJcjlke0rkjN4hd0QjoRRCvHyYHzmZOV6EABum4Dz3QOjcKZTvFydHj8rbBo/
.bing.com/	1970-01-20 12:12:09	Name: MUID Value: 252C27BABACC62E004FC3626BBA763E5
.thestar.com/	1970-01-20 05:00:09	Name: _rdt_uuid Value: 1651833600574.f0c0ad04-ecdb-4db6-9c7b-b79397a3b942
.thestar.com/	1970-01-20 02:52:00	Name: _uetsid Value: e16b5d60cd2811ecb8965bd033b4acfd
.thestar.com/	1970-01-20 12:12:09	Name: _uetvid Value: e16b7a90cd2811ec8ed315dbeb064cb6
e377.thestar.com/	1970-01-20 03:00:38	Name: AWSALB Value: KpHkilmIWOQUkw6ZE/iwQBhhaVzwgRtAQnfBP0KN7EtC+Epm+ceRy52lDYRaGaSoSNYQ3NX+IdgXV9x64Y5pFEBYl/7tULaGwDmW0g+U9tRid6RCWsJLpNMXJtXn
e377.thestar.com/	1970-01-20 03:00:38	Name: AWSALBCORS Value: KpHkilmIWOQUkw6ZE/iwQBhhaVzwgRtAQnfBP0KN7EtC+Epm+ceRy52lDYRaGaSoSNYQ3NX+IdgXV9x64Y5pFEBYl/7tULaGwDmW0g+U9tRid6RCWsJLpNMXJtXn
.linkedin.com/	1970-01-20 03:33:45	Name: UserMatchHistory Value: AQLlcG6cexkx9QAAAYCY9HrQobziAoO07xtW3_LhYFp5g6DX9xHZ9xq6kJSW56tEhc379l5px_s2aw
.linkedin.com/	1970-01-20 03:33:45	Name: AnalyticsSyncHistory Value: AQKz1utS-kzuDwAAAYCY9HrR4loPkzDtWUYbd6fTPifMNp7nQSyN8z2RM1ObJqxXObQruxw0Od5dsGAigrPcsQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:22:27	Name: bcookie Value: "v=2&2714c69f-6c06-4383-8d08-5cbd562b8f9f"
.linkedin.com/	1970-01-20 02:52:00	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2717:u=1:x=1:i=1651833600:t=1651920000:v=2:sig=AQE2piyluz7Qadil9ddM7rQzj8z-o-Il"
.thestar.com/	1970-01-20 12:12:09	Name: __gads Value: ID=2a4f72f5613cf2cf:T=1651833600:S=ALNI_MbicE8u0dAUc0UKsv1uUuiZR4pBJw
.doubleclick.net/	1970-01-20 12:12:09	Name: IDE Value: AHWqTUkG77kcg91LhHuGOHtmyQ87yOthXSNNXVRCbjpmGD9qj2q67SWOsczyX13g2YY
.c.bing.com/	1970-01-20 12:12:09	Name: SRM_B Value: 252C27BABACC62E004FC3626BBA763E5
www.thestar.com/	1970-01-20 02:54:52	Name: digitalAccessOverlayStatus Value: nextPage
www.thestar.com/	1970-01-20 02:57:45	Name: digitalAccessOverlaySubscriberStatus Value: nextPage
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:12:09	Name: MUID Value: 252C27BABACC62E004FC3626BBA763E5
.c.clarity.ms/	1970-01-20 02:50:34	Name: ANONCHK Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 20:22:27	Name: bscookie Value: "v=1&20220506104000f55b485a-78c5-43fc-88cf-0601c1e8261dAQEddTFA8hs79PmOKDo1fX_6uqqAinYc"
.linkedin.com/	1970-01-20 20:19:25	Name: li_gc Value: MTswOzE2NTE4MzM2MDA7MjswMjHWjy67vqT4nrN2V7eMm8VTIfK1aBxCp8RoTZdG+leS+g==
.thestar.com/	1970-01-20 11:36:09	Name: _clck Value: 1wwixhu\|1\|f18\|0
.doubleclick.net/	1970-01-20 02:50:37	Name: DSID Value: NO_DATA
.thestar.com/	1970-01-20 05:00:09	Name: _fbp Value: fb.1.1651833601365.631982762
.facebook.com/	1970-01-20 05:00:09	Name: fr Value: 0V19Kk65JP1HsGKoX..BidPsB...1.0.BidPsB.
.thestar.com/	1970-01-20 05:00:09	Name: _gcl_au Value: 1.1.1291802354.1651833601
.thestar.com/	1970-01-20 02:52:00	Name: _clsk Value: knr169\|1651833601437\|1\|0\|k.clarity.ms/collect
.thestar.com/	1970-01-20 11:36:09	Name: _pin_unauth Value: dWlkPU9HVTNPV0l5TkdZdE1EaGhaQzAwWVdReExUazJOR0V0TXpOaVkyTTRNell4TVdVNA
.thestar.com/	1970-01-20 03:33:45	Name: s_nr Value: 1651833602123-New
.thestar.com/	1970-01-20 11:36:09	Name: s_nr2 Value: 1651833602124-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.the-ozone-project.com/	1970-01-20 05:00:09	Name: ozone_uid Value: 28mtURrHXrsB67Xhb0SDwD51nqW
.smartadserver.com/	1970-01-20 12:20:47	Name: pid Value: 9036307283508822255
.360yield.com/	1970-01-20 05:00:09	Name: tuuid Value: 095934ee-a72b-4ae5-8318-c8ca6d452a29
.360yield.com/	1970-01-20 05:00:09	Name: tuuid_lu Value: 1651833603
.bidr.io/	1970-01-20 12:19:07	Name: bito Value: AADc_E7E6fYAAEBOACam2Q
.bidr.io/	1970-01-20 12:19:07	Name: bitoIsSecure Value: ok
.3lift.com/	1970-01-20 05:00:09	Name: tluid Value: 2691922455373168941717
.casalemedia.com/	1970-01-20 11:36:09	Name: CMID Value: YnT7BJ1gPRk.onDjCMSdaQAA
.casalemedia.com/	1970-01-20 05:00:09	Name: CMPS Value: 5225
.casalemedia.com/	1970-01-20 05:00:09	Name: CMPRO Value: 1174
.casalemedia.com/	1970-01-20 02:52:00	Name: CMST Value: YnT7BGJ0+wQA
.bidswitch.net/	1970-01-20 11:36:09	Name: tuuid Value: 582c53a0-7554-4e06-baa5-97b975455643
.bidswitch.net/	1970-01-20 11:36:09	Name: c Value: 1651833604
.bidswitch.net/	1970-01-20 11:36:09	Name: tuuid_lu Value: 1651833604
ads.avct.cloud/	1970-01-20 11:36:09	Name: uuid Value: 45bdfe3b-7af7-485d-9cd5-baa0f6b1f08c
.sharethrough.com/	1970-01-20 03:33:45	Name: stx_user_id Value: edbbe365-ffdb-4c3e-af76-4101e45a10bc
.the-ozone-project.com/	1970-01-20 05:00:09	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhdm9jZXQiOnsidWlkIjoiNDViZGZlM2ItN2FmNy00ODVkLTljZDUtYmFhMGY2YjFmMDhjIiwiZXhwaXJlcyI6IjIwMjItMDUtMjBUMTA6NDA6MDQuNDYwOTgxNDc5WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJiZWVzd2F4Ijp7InVpZCI6IkFBRGNfRTdFNmZZQUFFQk9BQ2FtMlEiLCJleHBpcmVzIjoiMjAyMi0wNS0yMFQxMDo0MDowMy43MTM4ODMwOTdaIiwic291cmNlIjoiY29va2llIn0sImdyaWQiOnsidWlkIjoiNTgyYzUzYTAtNzU1NC00ZTA2LWJhYTUtOTdiOTc1NDU1NjQzIiwiZXhwaXJlcyI6IjIwMjItMDUtMjBUMTA6NDA6MDQuMjg5Mjc1MDM3WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiIwOTU5MzRlZS1hNzJiLTRhZTUtODMxOC1jOGNhNmQ0NTJhMjkiLCJleHBpcmVzIjoiMjAyMi0wNS0yMFQxMDo0MDowMy40OTQzNTkyMjZaIiwic291cmNlIjoiY29va2llIn0sIml4Ijp7InVpZCI6IlluVDdCSjFnUFJrLm9uRGpDTVNkYVFBQVx1MDAyNjExNzQiLCJleHBpcmVzIjoiMjAyMi0wNS0yMFQxMDo0MDowNC4xMzI5MjQ1MzVaIiwic291cmNlIjoiY29va2llIn0sInNoYXJldGhyb3VnaCI6eyJ1aWQiOiJlZGJiZTM2NS1mZmRiLTRjM2UtYWY3Ni00MTAxZTQ1YTEwYmMiLCJleHBpcmVzIjoiMjAyMi0wNS0yMFQxMDo0MDowNC41NTU3NjE1MTlaIiwic291cmNlIjoiY29va2llIn0sInNtYXJ0Ijp7InVpZCI6IjkwMzYzMDcyODM1MDg4MjIyNTUiLCJleHBpcmVzIjoiMjAyMi0wNS0yMFQxMDo0MDowMy4zMTQ1NjYxMjRaIiwic291cmNlIjoiY29va2llIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMjY5MTkyMjQ1NTM3MzE2ODk0MTcxNyIsImV4cGlyZXMiOiIyMDIyLTA1LTIwVDEwOjQwOjAzLjkyNjIxNzQ0MloiLCJzb3VyY2UiOiJjb29raWUifX0sImJkYXkiOiIyMDIyLTA1LTA2VDEwOjQwOjAzLjMxNDU2MjA0OVoifQ==
.ads.pubmatic.com/	1970-01-20 02:52:00	Name: KCCH Value: YES

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 133) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.33552190287118555, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 133) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.33552190287118555, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.33552190287118555(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.33552190287118555(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.33552190287118555(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 151) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 151) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=960782536410? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=960782536410?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://dmx.districtm.io/s/v1/img/s/101995 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://idsync.rlcdn.com/420486.gif?partner_uid=E1D64D11-8630-4ED4-8E3C-282783DB77B7 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
a7b03a2c8dad49321da9128d5bd0bc2b.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.permutive.com
api.rlcdn.com
api.thestar.com
as-sec.casalemedia.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.ampproject.org
cdn.parsely.com
cdn.petametrics.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5phz18u4wuww.cloudfront.net
data.ontario.ca
dev.visualwebsiteoptimizer.com
dmx.districtm.io
dpm.demdex.net
e377.thestar.com
eb2.3lift.com
elb.the-ozone-project.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hetbxw.thestar.com
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.thestar.com
img.sportradar.com
js-sec.indexww.com
k.clarity.ms
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
misc.thestar.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.the-ozone-project.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
resources.thestar.com
rtb-csync.smartadserver.com
rtb.openx.net
s.pinimg.com
s.thestar.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sejs.moatads.com
simage2.pubmatic.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
t.co
thestar.com
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
uswidgets.fn.sportradar.com
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
dmx.districtm.io
104.244.42.195
104.244.42.69
104.75.88.209
108.128.0.238
129.213.193.172
13.107.43.14
13.248.245.213
142.250.184.194
142.250.185.194
142.250.186.130
143.204.101.22
143.204.101.50
143.204.101.89
143.204.103.127
143.204.95.188
143.204.98.123
143.204.98.125
143.204.98.19
143.204.98.39
143.204.98.50
143.204.98.6
143.204.98.81
143.204.98.87
15.188.95.229
151.101.194.49
151.139.128.11
169.50.137.184
172.217.23.98
18.170.16.189
185.33.220.244
185.64.189.110
185.64.190.80
185.64.190.81
185.86.139.101
185.86.139.113
192.82.242.209
199.232.188.157
20.96.88.162
2001:678:cb4:bbbb::11
216.200.232.249
216.52.2.30
216.58.212.134
23.32.59.34
23.35.236.201
23.35.236.247
23.35.237.151
2606:4700::6810:7caf
2606:4700::6812:551
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9d
2a02:26f0:3500:14::1724:a247
2a02:26f0:3500:14::1724:a258
2a02:26f0:3500:14::1724:a259
2a02:26f0:3500:7::17d8:4dcd
2a02:26f0:3500:89a::1931
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::396
2a05:d018:d29:3602:d584:42d3:abd8:529d
3.122.162.133
3.126.56.137
3.33.220.150
3.70.86.14
3.94.162.19
34.107.254.252
34.120.133.55
34.194.161.83
34.241.134.108
34.243.37.252
34.253.74.200
34.96.102.137
35.186.253.211
35.190.14.224
35.241.9.51
35.244.174.68
37.157.3.29
37.157.4.25
51.104.28.77
52.139.4.139
52.142.114.2
52.16.238.87
52.206.166.185
54.171.245.89
63.32.153.188
69.173.144.138
002dc102e45c9ea4197d2098b5252b7a3427246fc889a2a534e7b816c199f7c8
021078a21a0f078cd677719043a84f1c93b1475161414f0c119119b4ef3d8886
02dd647cf98e249d624ffd3db638c04b1e0381bc3d34bedbbffa4a440eb3c4a4
058d1a8a629c82f344bb897688af943b1ee5041381f487250241ca16bb24a300
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cf31f23dde2f3c20ae661eabcb24df5923c46aa10ba5648037066641c8fe78
08cffab1dd52321cd190fa23e37cd1483e8a9e19b366fe0e9436a304ab476798
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0c129bbd17e398eaeb3ce1bb80844b4502c1949ee25cf7f4ad02a86d1b689747
0e0597c66b4c19f9a2f09795677cb7e5932d373d87b6853c6b474d68f72d0b63
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1760d8053ceef9944a42943f4e1ff5809be73c14149145e106b04933c541874a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ee6c158ecdcabd472f582e3c5718be76aa9f1e910aeb355ea1cca99dbac31f
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1a56ba8750819bc4d4c0a1a85314cd9191491c6a475508a1fe266b7bec817a7c
1ab3f6ed24399f1ce91ad32a3903471f4a9dc8029703d6f6eff30c81f0e97652
1ebe948f0e767bd41279d199708cbacafad8afda1bfc3def1fd4aadd2b653a1b
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
221da5b9abab5ff408ee5174a127f762c0fbf4cd9a9bf368e0545b643419d1f8
24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
274f303386cb1196b666044150f2c6d8f45bb438f2d24b092806e7946ba8659a
282d282212de3d1a0a5c509b47b188e2a6bdc365daab73a3782ed6c6295c4805
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29c5c6d9131bd702ef0aeeba1b6831de8029b7bca6b469a73d00c8c9fe426728
2b3951e60cd340e02ede92699ac0c8e881d0f5f860499a93e0609fab056a1373
2bd8d6b5a9143e816843adc9330162c21631fd56a41efdfda47abb104de72550
2c1f01202b6774f437737f647c0c53f10e572afaa159ce2f14f05a79ba3e8ce3
2cde8227a6344bccc38e9eaefb1121f2a3a902bfe47e6fbfaec48668f4f3bd76
2d21741cc716b50afd93d6bec2918aece75fcc0ce246433dd66711b1db2a7ce9
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2db3d4514e9fcf4f45b3047b46b8a71945a278e111a68fac7138b1832ba3e270
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
306a5803d8d3c092d2c56e3e4351171230585330e43ce1862b80f0901e58db3b
30953c5196d7b97ce1bd5abd6f44b350f2c7420681d417e33f37006d0f443985
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32913cfdb4e564790a9f6acf6a0f5a5bf0d88caeedeb6a139b50f585a2d570e9
35b05139b676464424e318722af58bfee177b38edf5daf437c0331cc318096be
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3675786df703ae21e35cf40f2333853f559f132e6d77a89d5b408cecf096c1d7
369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37d2a19c463e69fb9b7a3ce46c0991f8a8486c6cea18da01fec6bba21bb9286d
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
385e2022b954a1472bdd8f6a1310b6adab1dbf664ac78e37e93b09ed4474a032
3de6a4fb2cbe4eb755287fd0094052835db8ce320bc715dcadfc79057cc54a18
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
44ddf2664ae0311f45e4410248cbb58368f1acaf5ad7a9e03f18fbd2b05bb336
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
48860e3eac4234bbdc8c33332825e0c6670550a2606ca9a5ce5487a64332b6a0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497f4fc266b2c67cbcb66c848753751b28ae775e51c45aafe1d136e363c783c6
49d0334554b750588bb16cd000ab6fcd31252f65ff13d8f1eb25dec48b521a2e
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a58f25d43c1cc5f94f657d63ddefac59f22e9281cb0285cb0f9f7d6aa971046
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4bb8703735194b461205a6b20c237a0e9c56951b46541cc3fde5bdb9835d1d3f
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebb8485b400a9023b86f17f168967840bcb1cfc68a2b0f6f92ea6026d0c3fc8
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
505f514de567e3302c520a8e4ddda0350baa0ffbb9a837c59decb681a39f2368
515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab
5256e20d2385d02616639e72c3bc01f6b1ffbe75c2838d82cd25b93d0a35e1a1
5297f694b4ad4219b3ce0c90252a1ade4d2bfe32d2f40c1e4bd2c891c8829a98
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5b2833099997251581945de32e3251b1ae41af2108d2a4e7ab88c31f56753040
5c6db6a6bf5e986ad12608ec8adf26928a3ea5204ac3e63b51420a0714dc6dbc
5d8e2a45b87836c8fc0b8c319fd2bfaa775a1496e72b08fdf5c13337e1dcc961
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
5fdcd48112ac7a82d4d2c659e6019268d16775b2b235078e9f581783ee0df7c6
61aa2faac045081adb2e15b49a89c542ecde65f18622cccc672b8e040857cdc3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe706e3bc5a31dcbe9fe0a1bac7cee42e68cc586d3a6e130eca6a877a5e55a
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
658ebc2782b5a6b647c729172f3eb3688b5c2a9cdfdd4f70a4d45046778cfe31
66043e453af571e35a8faf20f9cf3dec5a95a5af729e0746a62ff4528315e0f6
67427785ce3bfc2ab38c0ea6d6e9d76ae558f66c1133cc6179861df79672df07
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2f6450a0cb08d4dc8b5ac5041b369ca51aa52f8082851443526215ec41fc7e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c44882a94fdac30f4aa6b38a58a558fd7a34559a15f96b1b0ecf890fad1cdbc
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6eba7efe25b102daba8ab72f4f16cb18ba3915a767864a9fb3f5ee965f16ca15
703e6f794f4047b0826ee64f3f56c39b8afd9092e0c8faa19d014698a741a51b
71bd5d37c50fe82718af2dd4de1f58907278639c32ff7a1585cc61e259c0a322
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7492e57c60e4c4a30aff9164b4b834cfa72053bb68a162eba2a291482748f620
7555affbd321bbccc97467bdf30900bc17c4eaed5a1be5da778d7e26ea80fc3d
76b66b5945ee4eb98a00a88df455e45021adf64e4613081ef36e02ee013938c9
777a84c87cbb0f4e41f7eb0ae5c867a2adcc60098e087cba411ea0b89af32164
7a8d4cbc228f97a7d78877a50fe778cb22bbb1f1a5134aa2afca894b1cf0251e
7b24cbf8cced6ddb17e985fe5329d186750b005210ad2589c6f5146eafa0d2ef
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ce631b345a4bd793898a5ef0a17b63e523eb977b913940a782234a02fff6d9e
7dd31f9a44dda77f55c5dc425aaed2fec6b1e3a1fad5f7eceaa6e8af9626cff5
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
849056f7f6a3149a9f6b288c7847dccc5348347c3c6101be78ddeec1a2df13f3
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85595326eba0b1b4c8d68a7c31fc2c136618ba4ba11aa19b581ef57d6514b7f6
85bbe8fcfa8b2a0b5ab56a7d2099d0fe94b19d54a86eea118bb42ba9fee7a754
864c0d6d08c81313bcd38345a53466ace3ce681a077d507d90bca39daaa31dce
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a3321651823cc367498a1731e258afc6f7ebadf9fdd2b81b4160f0e9dcc6b09
8b1ac7ae8ccf36d971f147fe1b4902f0ffcfded440423fbb9d093708ed0d260a
8b7a0e2beead328034eee7d51eee850ccdddf0a7b8ebb5c7cc88d892d6f8130b
8c82c830cf7607762b90c908b94b8c18f1a6eca70a25ef198584dbf468ae06c3
8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
902564d87ddfe92c327260fdd506b03b6d19cd61c9f9c5736e069eba3c7fada9
90310e37456802560c9afb1d25bd9c5c6be958f99080084dedefbea93c812615
908d68b2dd3a687ef8e2232bc5196090d051cfaf99be40111d2211a6251160e5
9154fb892b73c1313f3f68537840eabaaed2821f9eaeb900ee884a8c38ffc108
91a53c12b18680eefb23ccf8f8ed44349cb9290c06d19c4cd1c7b78c87a2d86d
91afb50b514860b780ef106f9d2751ce74becf12ee01233fee2c0ebe9b6c1aca
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
927958b69786bcd2230ad0550cbcf73216850a720c645aff65fa6f3070007f89
93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
9732615cd530cb708d91adae9f0e315fd11b6c1f8cc4c768ff1605490b2859ab
973912fe5e13daa04d180cc0736fa19ef284e671009102e2105d9fe16f96f051
97a8cb323b800e312421b5f10b9292a19c964f2de15e15703bbed583e1d78639
991444d0ac35c57648169bb59ac7902df899ddc331b84399a9b39588f868238e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
9de5b2503ac61eb67ab8d1847385e053679aa742ae58180bd932b773d03f83bb
9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef
9fd2d0dfb2e4eed3fca632b3f2868a2334c1e07b7a87f993db741c8a1326bd31
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a36df23d686327d9d740d2b005cb6df3f758418285e0566a295d2dbf322815f4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b5bccfc284e39d933d47cd28275807dfb7f183d4c1f264c3ae1cce106d66ad
a6a5aa682d61a9e1cffbb54e26b2688cd6e959557fdbbe6f6210889f0f662ac1
a6eea0d6b0913addc21d58027daad112d9e581b0598c4032eda4481fc03cd1cb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f
a9b641eaf42ec228170c67a34535ca0bd50625452f951336138ba586425f6f48
aa197bcb62cf22298fdc2bcf8a29d92b47610d7f19ace8bf670873e903bf7ee7
aac04082e661e86dc1d83cf05890520521b8c4200c03e0971cf77504d2b50186
ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf67a87d897087391bc95db43760a84a7355298dfdd3e3ebc37f8ec2fee7a87
ad9f5f671698e04cc215d01e86e3f5ed3cf9fb2fe5130bda534dd23a9fd622cc
adc5bb393ff377d0567dea89e926a727d01f9ec93ee5535276316ddb4684d3b0
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aef4bb56a2df78a1ca6eb61c19e0f89938013f4017f347469395e54aaf09ca2d
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36fa770af76aff69aee3c11fd279c11ec6fe7782f1d56f74cb35e12e13bf58b
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b3edae030db950a7d5028470f183b4d95c73b3a2516b5928cc71d1246104ec4a
b3f5d14815773fc14f3e23fbf21445c40174fbd7223b911f6a2392622b9708f2
b5341cbb6fc361809ba7c7f7d878bfd3360c8a62efc9ff13c043c6dfbd7e9e88
b7a7b0e82ceae32af48313ac4d0bb829d9c805f6060f56648c1f71122e8b180a
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
b9bb04fd67fca39e1b355247fbdec354163abc89354a59d96cb409fd51b06ba4
ba4c4b115fb587477d7cb05b1edd8c57aa42ca774f5333ed670b7fffe13a60ef
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc2429059fa00e4e61d419c9e5940139b132dd89352293c0c7a99824932d234f
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
bf4d004efe6978f0e4328482894c65dd1570c5a3f16c700bc12d248ac414a183
c00545c81d97ab6aaa4ce46fd9b026817a8079477283eba5cced4003551eaf8c
c0208d2cf55af767395072e31d2bbcc80f0deb2e5f6f8f0c0a90c408a69145d0
c2606c72116fc9dd779733da68c08f9b9287b77d4c2552a56fafaf610955d425
c557b1112754f045d4ff2636a98bbde685391a6a5f8558c2b4d2cd2682849618
c56d192163e7bc5d9e3ba2bd13214c0b51c0561e91cb0ad12400c8e27572c239
c6f02ea61b580dd0d3d5fd8b473d8584ab32e741a5a969704928df2d2753a44e
c8ef88732423925a775c924b7ef949c2eb9f3f90540b2ccd5bf45b490e8e62e5
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
ca1767484fc7a3115ec42ca4f5b871482cf2ee0d7f62b2cfbe150ba50002039b
ca23675444cc6935c5bea16720ec7f72d49336cc56e44cac9da80afe12864d47
ca2b9896b48e672f4125f3e04ed4f4f4b9ad4231a3ac5e42cac125b61d973992
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
ca9967141440531d338914164958c222b3491a96308f0ad15a72c91ea6d1a213
cb1225ddd01e8276f0e9690183ec1462588197991ece003e14f3ce4f10457ad2
cee2951267b78c7ef3062c951a525b402a75b6a6c6e664486f36dccd9f93c20a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174
d21204b449462697775d80923f70526b729701c6a0293fdfc877ce7cdf2a37a7
d21cdd2d2f8a1dad3f6e38a8fef966c2695eea4140b6445372215c156751fd91
d2cbaecb160d0ca219e48ba2b156edb20f79451648b99f308c5f7dbc9b9164d4
d4f9083e796201f531aad8e07ae8b7e9fdeb180f395d922700efea2d3e38622e
d56d3e71b2453fa9b46b097ce633355e153b3b205e5d779d8c4bdb6c4458687b
d5bcde338aeba0acd272564af6d9a209e8728793e81841a879f762c8a0d3ddb7
d5f0743d47591bad3a29481a356f318ece9db2782b3c74773b26fef6732468bc
d68bd5fe54c3b8b7c86114f44c46ceb593560db1b82cce22919b0591effcc5e3
d71893b34091dfec81a05d4afabd5d565aa836e491a5d333865b8136c56a08b1
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
d9a0409f5d53b7ec623bbd8cedda1bf0bb6a97b732d1968d9f6a3a5baacce12a
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db488298b49c859f2174b078a55b8d9a29aeec85baff6aec893cb26fb28abedd
db7964141d92c5ef2964d8f7868952d312a2782a168d30d89a86335ca7083079
dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de512fe313e59fe17e2ebe834513b5c02ae334d0e74c347798bd8a0a0df9294b
e366cf3ae98be75f413a1b88727f4a90ff2cf5e2a37f35ade874fba12fbd61fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67e24dcac7e64e0c07200cddfbbd7d1f5a70869c462362791d51387ddc10039
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec315c4771f75ab19f1e2df090ce312980fae496aaffa9765ea3349f9c78aae3
ec4045d6fd0204867ed65e0ca1dad0bfe2a4a3c703340a8ada178d3559150e02
ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad
eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff365c13cb9ef7973e8dc850f8ff6cf95bd3659d9cc60289a88ffd977bedba3
f163d886b8927f01c2dca33001797837298ac4f3547b52cf06fad32742754c79
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f694a344bbdb8ba92f56437bb09026963cb4e25ec01087fdc6f9b40922a0863e
f7c077ef44868c5d23110a8c5893389f4e378085063fe38c80c49b881543ab08
fb25d9cbb5a59405edffa4ebd26f8d18f84059c1071c3387b155aa3508bbb32f
fc1c4f09ff158c02c23a035afb72d4221d9e9e58a6a01b01d93191295edbc4fa
fd69dbb68b524b4f5be33f3edd8b63deae0e0818ee7f483cf952f7b1fa708aa4

www.thestar.com Open in urlscan Pro 143.204.98.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

334 Requests

91 %HTTPS

28 %IPv6

67 Domains

112 Subdomains

84 IPs

9 Countries

5346 kBTransfer

19087 kBSize

94 Cookies

17 Outgoing links

Page URL History

Redirected requests

334 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
143.204.98.39 Public Scan

Screenshot
Live screenshot

Full Image

334
Requests

91 %
HTTPS

28 %
IPv6

67
Domains

112
Subdomains

84
IPs

9
Countries

5346 kB
Transfer

19087 kB
Size

94
Cookies

334 HTTP transactions
0 data transactions