urlscan.io logo urlscan.io
SecurityTrails logo

www.thestar.com Open in urlscan Pro
192.104.182.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thestar.ca/
Effective URL: https://www.thestar.com/
Submission: On November 09 via manual from CH — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 6 countries across 81 domains to perform 412 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 231780.
TLS certificate: Issued by GTS CA 1P5 on September 25th 2023. Valid for: 3 months.
This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.206.144.180 10400 (THETORONT...)
6 192.104.182.109 10668 (LEE-ASN)
53 104.16.133.24 13335 (CLOUDFLAR...)
1 2 104.22.74.216 13335 (CLOUDFLAR...)
1 34.160.43.93 396982 (GOOGLE-CL...)
8 30 172.253.62.154 15169 (GOOGLE)
1 172.253.62.84 15169 (GOOGLE)
8 142.251.16.139 15169 (GOOGLE)
16 18.67.76.86 16509 (AMAZON-02)
1 104.18.41.170 13335 (CLOUDFLAR...)
1 172.253.122.95 15169 (GOOGLE)
4 52.85.151.85 16509 (AMAZON-02)
12 142.251.163.97 15169 (GOOGLE)
3 3.162.111.130 16509 (AMAZON-02)
1 152.70.51.45 31898 (ORACLE-BM...)
3 142.251.16.94 15169 (GOOGLE)
1 18.160.10.101 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
3 6 68.67.160.186 29990 (ASN-APPNEX)
2 54.158.26.120 14618 (AMAZON-AES)
2 34.149.155.241 15169 (GOOGLE)
5 216.239.36.178 15169 (GOOGLE)
3 130.211.23.194 15169 (GOOGLE)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 172.253.115.148 15169 (GOOGLE)
8 172.253.115.94 15169 (GOOGLE)
1 2 104.16.123.175 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (STACKPATH...)
9 34.107.254.252 396982 (GOOGLE-CL...)
3 54.147.69.123 14618 (AMAZON-AES)
1 52.45.243.144 14618 (AMAZON-AES)
2 63.140.38.219 14618 (AMAZON-AES)
1 1 34.236.86.219 14618 (AMAZON-AES)
2 142.251.16.101 15169 (GOOGLE)
4 99.86.191.237 16509 (AMAZON-02)
33 35.190.14.224 15169 (GOOGLE)
1 18.160.23.201 16509 (AMAZON-02)
1 99.84.222.71 16509 (AMAZON-02)
1 104.22.52.86 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 31.13.66.19 32934 (FACEBOOK)
1 146.75.28.157 54113 (FASTLY)
1 151.101.65.140 54113 (FASTLY)
2 23.218.218.181 20940 (AKAMAI-ASN1)
3 204.79.197.200 8068 (MICROSOFT...)
2 23.220.136.202 16625 (AKAMAI-AS)
1 52.85.150.3 16509 (AMAZON-02)
3 216.239.32.181 15169 (GOOGLE)
9 142.250.31.155 15169 (GOOGLE)
4 172.253.63.94 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 3 18.154.227.100 16509 (AMAZON-02)
8 172.253.115.155 15169 (GOOGLE)
1 2 142.251.163.148 15169 (GOOGLE)
4 35.244.159.8 15169 (GOOGLE)
3 5 13.107.42.14 8068 (MICROSOFT...)
1 3.224.218.221 14618 (AMAZON-AES)
1 52.85.131.58 16509 (AMAZON-02)
4 172.253.62.105 15169 (GOOGLE)
3 54.144.144.142 14618 (AMAZON-AES)
28 142.251.16.157 15169 (GOOGLE)
1 35.160.151.220 16509 (AMAZON-02)
3 172.253.62.132 15169 (GOOGLE)
2 52.218.250.32 16509 (AMAZON-02)
13 142.251.167.132 15169 (GOOGLE)
26 172.253.63.149 15169 (GOOGLE)
3 5 104.18.36.155 13335 (CLOUDFLAR...)
1 2 23.55.205.47 16625 (AKAMAI-AS)
2 2 23.61.60.237 16625 (AKAMAI-AS)
1 1 35.190.0.66 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
1 1 51.222.39.184 16276 (OVH)
2 2 35.71.139.29 16509 (AMAZON-02)
1 6 18.208.90.251 14618 (AMAZON-AES)
2 2 50.31.142.159 23352 (SERVERCEN...)
4 54.227.202.190 14618 (AMAZON-AES)
1 1 151.101.194.49 54113 (FASTLY)
1 8.28.7.81 62713 (AS-PUBMATIC)
14 21 69.173.151.100 26667 (RUBICONPR...)
1 1 3.225.47.189 14618 (AMAZON-AES)
2 2 35.207.24.140 15169 (GOOGLE)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 1 172.253.115.138 15169 (GOOGLE)
1 74.125.0.7 15169 (GOOGLE)
3 23.220.117.6 16625 (AKAMAI-AS)
4 142.251.163.155 15169 (GOOGLE)
1 13.32.208.21 16509 (AMAZON-02)
6 52.6.250.117 14618 (AMAZON-AES)
1 216.22.16.1 30633 (LEASEWEB-...)
1 1 104.104.68.191 16625 (AKAMAI-AS)
4 23.48.146.102 16625 (AKAMAI-AS)
2 2 216.22.16.56 30633 (LEASEWEB-...)
2 2 54.88.66.11 14618 (AMAZON-AES)
1 80.77.87.162 46636 (NATCOWEB)
2 2 34.229.3.43 14618 (AMAZON-AES)
1 1 8.39.36.141 26667 (RUBICONPR...)
3 3 3.33.220.150 16509 (AMAZON-02)
2 8 52.46.151.131 16509 (AMAZON-02)
2 3 52.94.220.185 16509 (AMAZON-02)
1 1 44.207.229.222 14618 (AMAZON-AES)
2 2 54.152.118.221 14618 (AMAZON-AES)
1 147.28.129.140 54825 (PACKET)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 52.85.151.129 16509 (AMAZON-02)
1 2 52.85.132.46 16509 (AMAZON-02)
1 1 52.21.198.14 14618 (AMAZON-AES)
2 2 34.200.65.202 14618 (AMAZON-AES)
1 23.218.218.176 20940 (AKAMAI-ASN1)
1 151.101.1.140 54113 (FASTLY)
1 162.19.138.82 16276 (OVH)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
1 34.238.209.237 14618 (AMAZON-AES)
1 31.13.66.35 32934 (FACEBOOK)
4 4 199.127.204.171 26120 (RHYTHMONE)
1 1 50.116.194.21 6336 (TURN-US-ASN)
1 23.83.76.69 395954 (LEASEWEB-...)
1 1 8.43.72.97 26667 (RUBICONPR...)
412 93
1    192.206.144.180 (Oakville, Canada)

ASN10400 (THETORONTOSTAR, CA)
thestar.ca
6    192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
www.thestar.com
53    104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
2    104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    34.160.43.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.43.160.34.bc.googleusercontent.com
thestar.solutions.cdn.optable.co
30    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
1    172.253.62.84 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f84.1e100.net
accounts.google.com
8    142.251.16.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f139.1e100.net
news.google.com
play.google.com
16    18.67.76.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-86.iad89.r.cloudfront.net
resources.thestar.com
1    104.18.41.170 (None, )

ASN13335 (CLOUDFLARENET, US)
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
fonts.googleapis.com
4    52.85.151.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-85.iad89.r.cloudfront.net
cdn.viafoura.net
12    142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net
www.googletagmanager.com
3    3.162.111.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-111-130.iad61.r.cloudfront.net
c.amazon-adsystem.com
1    152.70.51.45 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)
torstar.gscontxt.net
3    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
1    18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
6    68.67.160.186 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    54.158.26.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-26-120.compute-1.amazonaws.com
dpm.demdex.net
2    34.149.155.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.155.149.34.bc.googleusercontent.com
thestar.cloud.optable.co
5    216.239.36.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.253.115.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f148.1e100.net
ad.doubleclick.net
8    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
www.gstatic.com
2    104.16.123.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.petametrics.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
3    54.147.69.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-69-123.compute-1.amazonaws.com
api.viafoura.co
1    52.45.243.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-243-144.compute-1.amazonaws.com
torontostarnewspaperslimited.demdex.net
2    63.140.38.219 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-219.data.adobedc.net
s.thestar.com
1    34.236.86.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-86-219.compute-1.amazonaws.com
cm.everesttech.net
2    142.251.16.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net
ampcid.google.com
ampcid.google.ca
4    99.86.191.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-191-237.iad79.r.cloudfront.net
cdn.segment.com
33    35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com
query.petametrics.com
1    18.160.23.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-23-201.iad12.r.cloudfront.net
aax.amazon-adsystem.com
1    99.84.222.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-222-71.iad79.r.cloudfront.net
cdn.prod.uidapi.com
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    23.218.218.181 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-181.deploy.static.akamaitechnologies.com
snap.licdn.com
3    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com
2    23.220.136.202 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-136-202.deploy.static.akamaitechnologies.com
s.pinimg.com
1    52.85.150.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-150-3.iad89.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
3    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
9    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
stats.g.doubleclick.net
www.googletagservices.com
4    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.google.ca
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
3    18.154.227.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-100.iad55.r.cloudfront.net
sb.scorecardresearch.com
8    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
2    142.251.163.148 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f148.1e100.net
10230056.fls.doubleclick.net
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    3.224.218.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-218-221.compute-1.amazonaws.com
i.viafoura.co
1    52.85.131.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-131-58.iad50.r.cloudfront.net
cdn.parsely.com
4    172.253.62.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f105.1e100.net
www.google.com
3    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
28    142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
adservice.google.com
pagead2.googlesyndication.com
1    35.160.151.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-151-220.us-west-2.compute.amazonaws.com
api.segment.io
3    172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
2    52.218.250.32 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3.us-west-2.amazonaws.com
13    142.251.167.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net
tpc.googlesyndication.com
26    172.253.63.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f149.1e100.net
s0.2mdn.net
5    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    23.55.205.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-205-47.deploy.static.akamaitechnologies.com
sync.teads.tv
2    23.61.60.237 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-61-60-237.deploy.static.akamaitechnologies.com
px.owneriq.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    51.222.39.184 (Canada)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net
onetag-sys.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
6    18.208.90.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-90-251.compute-1.amazonaws.com
match.sharethrough.com
2    50.31.142.159 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    54.227.202.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-202-190.compute-1.amazonaws.com
mia-placement-server.rubiconproject.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
21    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    3.225.47.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-47-189.compute-1.amazonaws.com
cc.adingo.jp
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    172.253.115.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f138.1e100.net
gcdn.2mdn.net
1    74.125.0.7 (United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s12-in-f7.1e100.net
r2---sn-tt1elnel.c.2mdn.net
3    23.220.117.6 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-117-6.deploy.static.akamaitechnologies.com
ct.pinterest.com
4    142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
ade.googlesyndication.com
1    13.32.208.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-21.iad66.r.cloudfront.net
static.freeskreen.com
6    52.6.250.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-250-117.compute-1.amazonaws.com
sb.freeskreen.com
1    216.22.16.1 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 216.22.16.1.servint.net
ww1772.smartadserver.com
1    104.104.68.191 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-104-68-191.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.48.146.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-146-102.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    216.22.16.56 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
2    54.88.66.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-66-11.compute-1.amazonaws.com
scm.publishers.tremorhub.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadeu.exelator.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
3    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    44.207.229.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-229-222.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
2    54.152.118.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-118-221.compute-1.amazonaws.com
match.prod.bidr.io
1    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    52.85.151.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-129.iad89.r.cloudfront.net
live.primis.tech
2    52.85.132.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-46.iad50.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    52.21.198.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-198-14.compute-1.amazonaws.com
sync.ipredictive.com
2    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    23.218.218.176 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-176.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    34.238.209.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-209-237.compute-1.amazonaws.com
pixel.thestar.com
1    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
4    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
1    23.83.76.69 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
53 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 19880
1020 KB
47 googlesyndication.com
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com — Cisco Umbrella Rank: 301
264 KB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
ad.doubleclick.net — Cisco Umbrella Rank: 154
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
10230056.fls.doubleclick.net — Cisco Umbrella Rank: 419274
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
275 KB
34 petametrics.com
cdn.petametrics.com — Cisco Umbrella Rank: 13674
query.petametrics.com — Cisco Umbrella Rank: 14383
220 KB
32 rubiconproject.com
mia-placement-server.rubiconproject.com — Cisco Umbrella Rank: 104870
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4691
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
43 KB
28 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r2---sn-tt1elnel.c.2mdn.net — Cisco Umbrella Rank: 325500
2 MB
25 thestar.com
www.thestar.com — Cisco Umbrella Rank: 231780
resources.thestar.com — Cisco Umbrella Rank: 247801
s.thestar.com — Cisco Umbrella Rank: 365847
pixel.thestar.com — Cisco Umbrella Rank: 433861
231 KB
18 google.com
accounts.google.com — Cisco Umbrella Rank: 24
news.google.com — Cisco Umbrella Rank: 6231
ampcid.google.com — Cisco Umbrella Rank: 2931
analytics.google.com — Cisco Umbrella Rank: 157
play.google.com — Cisco Umbrella Rank: 28
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 105
156 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
78 KB
12 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
831 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
278 KB
9 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2165
1 KB
7 freeskreen.com
static.freeskreen.com — Cisco Umbrella Rank: 68412
sb.freeskreen.com — Cisco Umbrella Rank: 55821
34 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 659
1 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
2 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
5 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
3 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
www.linkedin.com — Cisco Umbrella Rank: 629
4 KB
5 google.ca
www.google.ca — Cisco Umbrella Rank: 9133
ampcid.google.ca — Cisco Umbrella Rank: 112340
782 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
5 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
18 KB
4 smartadserver.com
ww1772.smartadserver.com — Cisco Umbrella Rank: 83885
sync.smartadserver.com — Cisco Umbrella Rank: 1330
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
2 KB
4 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3071
p1.parsely.com — Cisco Umbrella Rank: 2363
26 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1657
35 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13863
i.viafoura.co — Cisco Umbrella Rank: 13639
4 KB
4 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 13699
210 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 849
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
180 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 366
14 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 332794
5 KB
3 optable.co
thestar.solutions.cdn.optable.co — Cisco Umbrella Rank: 414114
thestar.cloud.optable.co — Cisco Umbrella Rank: 365922
6 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
1 KB
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7844
2 KB
2 tremorhub.com
scm.publishers.tremorhub.com — Cisco Umbrella Rank: 84318
636 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1767
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
628 B
2 amazonaws.com
s3.us-west-2.amazonaws.com
37 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 847
21 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 778
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
169 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
32 KB
2 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1275
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
893 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 903
3 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
634 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
434 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 747
726 B
1 t.co
t.co — Cisco Umbrella Rank: 607
375 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1452
637 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
645 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
493 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
555 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
176 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
453 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7108
416 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 823
166 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
440 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5683
594 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1276
174 B
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1333
8 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 713
15 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 prmutv.co
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 399650
394 B
1 gscontxt.net
torstar.gscontxt.net — Cisco Umbrella Rank: 305774
595 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 311026
154 KB
1 thestar.ca
thestar.ca
369 B
0 inmobi.com Failed
sync.inmobi.com — Cisco Umbrella Rank: 1562 Failed
412 81
Domain Requested by
53 bloximages.chicago2.vip.townnews.com www.thestar.com
bloximages.chicago2.vip.townnews.com
33 query.petametrics.com cdn.petametrics.com
www.thestar.com
27 pagead2.googlesyndication.com 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
www.thestar.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
26 s0.2mdn.net www.thestar.com
s0.2mdn.net
25 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
www.thestar.com
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
16 resources.thestar.com www.thestar.com
resources.thestar.com
13 pixel.rubiconproject.com 8 redirects www.thestar.com
13 tpc.googlesyndication.com 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
www.thestar.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
12 www.googletagmanager.com www.thestar.com
www.googletagmanager.com
9 api.permutive.com be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
8 s.amazon-adsystem.com 2 redirects www.thestar.com
c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 www.gstatic.com news.google.com
www.gstatic.com
6 sb.freeskreen.com static.freeskreen.com
www.thestar.com
6 match.sharethrough.com 1 redirects www.thestar.com
s.amazon-adsystem.com
match.sharethrough.com
6 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
6 ib.adnxs.com 3 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
googleads.g.doubleclick.net
www.thestar.com
6 news.google.com www.thestar.com
news.google.com
www.gstatic.com
6 www.thestar.com www.thestar.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 securepubads.g.doubleclick.net www.thestar.com
securepubads.g.doubleclick.net
www.googletagservices.com
4 eus.rubiconproject.com sb.freeskreen.com
eus.rubiconproject.com
s.amazon-adsystem.com
4 ade.googlesyndication.com www.thestar.com
4 mia-placement-server.rubiconproject.com s3.us-west-2.amazonaws.com
4 googleads4.g.doubleclick.net www.thestar.com
4 www.google.com www.thestar.com
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 px.ads.linkedin.com 2 redirects www.thestar.com
4 googleads.g.doubleclick.net www.googletagmanager.com
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 www.google.ca www.thestar.com
4 cdn.segment.com www.thestar.com
cdn.segment.com
4 cdn.viafoura.net www.thestar.com
cdn.viafoura.net
3 sync.1rx.io 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects www.thestar.com
3 match.adsrvr.org 3 redirects
3 ct.pinterest.com s.pinimg.com
www.thestar.com
3 www.googletagservices.com securepubads.g.doubleclick.net
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
3 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 p1.parsely.com www.thestar.com
3 sb.scorecardresearch.com 1 redirects www.thestar.com
3 analytics.google.com www.googletagmanager.com
3 bat.bing.com www.thestar.com
bat.bing.com
3 api.viafoura.co cdn.viafoura.net
3 api.btloader.com btloader.com
3 fonts.gstatic.com fonts.googleapis.com
3 c.amazon-adsystem.com www.thestar.com
c.amazon-adsystem.com
2 ups.analytics.yahoo.com 2 redirects
2 pixel.tapad.com 1 redirects www.thestar.com
2 match.prod.bidr.io 2 redirects
2 loadeu.exelator.com 2 redirects
2 scm.publishers.tremorhub.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 eb2.3lift.com 2 redirects
2 px.owneriq.net 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 s3.us-west-2.amazonaws.com securepubads.g.doubleclick.net
s3.us-west-2.amazonaws.com
2 play.google.com www.gstatic.com
2 10230056.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 oajs.openx.net 1 redirects www.thestar.com
2 s.pinimg.com www.thestar.com
s.pinimg.com
2 snap.licdn.com www.thestar.com
snap.licdn.com
2 connect.facebook.net www.thestar.com
connect.facebook.net
2 s.thestar.com resources.thestar.com
www.thestar.com
2 unpkg.com 1 redirects www.thestar.com
2 ad-delivery.net www.thestar.com
2 thestar.cloud.optable.co thestar.solutions.cdn.optable.co
2 dpm.demdex.net resources.thestar.com
www.thestar.com
2 btloader.com 1 redirects www.thestar.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com match.sharethrough.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 www.facebook.com www.thestar.com
1 pixel.thestar.com connect.facebook.net
1 u.openx.net s.amazon-adsystem.com
1 analytics.twitter.com www.thestar.com
1 t.co www.thestar.com
1 id5-sync.com cdn.id5-sync.com
1 alb.reddit.com www.thestar.com
1 hb.yahoo.net www.thestar.com
1 sync.ipredictive.com 1 redirects
1 sync1.intentiq.com www.thestar.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 prebid.a-mo.net www.thestar.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 cs.admanmedia.com www.thestar.com
1 secure-assets.rubiconproject.com 1 redirects
1 ww1772.smartadserver.com sb.freeskreen.com
1 static.freeskreen.com s3.us-west-2.amazonaws.com
1 r2---sn-tt1elnel.c.2mdn.net www.thestar.com
1 gcdn.2mdn.net 1 redirects
1 trace.mediago.io 1 redirects
1 cc.adingo.jp 1 redirects
1 image6.pubmatic.com 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 onetag-sys.com 1 redirects
1 rtb.openx.net 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 api.segment.io cdn.segment.com
1 adservice.google.com 10230056.fls.doubleclick.net
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 i.viafoura.co cdn.viafoura.net
1 www.linkedin.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 ampcid.google.ca www.google-analytics.com
1 d1z2jf7jlzjs58.cloudfront.net www.thestar.com
1 www.redditstatic.com www.thestar.com
1 static.ads-twitter.com www.thestar.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 ampcid.google.com www.google-analytics.com
1 cm.everesttech.net 1 redirects
1 torontostarnewspaperslimited.demdex.net resources.thestar.com
1 cdn.petametrics.com bloximages.chicago2.vip.townnews.com
1 ad.doubleclick.net www.thestar.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 torstar.gscontxt.net www.thestar.com
1 fonts.googleapis.com www.thestar.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app www.thestar.com
1 accounts.google.com www.thestar.com
1 thestar.solutions.cdn.optable.co www.thestar.com
1 thestar.ca 1 redirects
0 sync.inmobi.com Failed www.thestar.com
412 131
Subject Issuer Validity Valid
thestar.com
GTS CA 1P5		 2023-09-25 -
2023-12-24		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
thestar.solutions.cdn.optable.co
GTS CA 1D4		 2023-10-02 -
2023-12-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.news.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.thestar.com
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-26		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-11-06 -
2024-02-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.prmutv.co
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
join.ca.optable.co
R3		 2023-10-18 -
2024-01-16		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cdn.liftigniter.com
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
api.permutive.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
s.thestar.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-24 -
2024-08-23		 a year crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
*.liftigniter.com
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-18 -
2023-11-16		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-25 -
2024-02-21		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.google.ca
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M01		 2023-02-10 -
2024-02-10		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-08-03		 10 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.freeskreen.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-13		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-02-28		 6 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-01 -
2024-02-01		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
pixel.thestar.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh

This page contains 30 frames:

Primary Page: https://www.thestar.com/
Frame ID: 49659D9FB9034620D185C63D39AC08C2
Requests: 243 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1699545663858&publicationId=thestar.com
Frame ID: AD3A51439AA303FFA332DAD88479656A
Requests: 12 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 55A425910B0BBDAB8914F29C532CE589
Requests: 1 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F
Frame ID: 230301082CB0A450E75019D7FECFAAC9
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 80C06D997B1E2B8D61A798CB68BFF3E6
Requests: 1 HTTP requests in this frame

Frame: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 007AF545D132E79D2E5C1507172FE6AA
Requests: 1 HTTP requests in this frame

Frame: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 136E94ECFAC8935CCF3D8DF3B1C81CF0
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1Gxlk9DKKnVqsfHlDHnHECjhdXC1afwxZh3IKbZ4kZ_EpHAWidm6okHbaICRJP7qPzEuk9-AXFG0wzy3ZHySYH32EmE0JgE-4xEtNCMmbVOU3wRT9ABtY1Kzp3fu4BZUGcRq60nGRClI-r5VS5vLP9nBm-OI7dYnKrQv0M3oJE9Dhou5ElJUbzNq4PeJ5OeluSbhX2GHTEzQksruXe0jr0HkdR2cACfjjJI7f2XTMvYd1pk8NQJ5dhvK9cTKp4_ydQoXpx4bMeo048AZFxmwxO8J3ekbwdQLquLyCa-4IsVaeIRx2Zb8w9HtRo5VnIecqW397y78bd1EuzA&sai=AMfl-YRXGFoQ4vds4Mv2pZhil9x4cuE9HenFibQjWuFiD3M2H5-zQ2i_anFk2TI0OnU6JBl2VIOVn4UBGWCFkS4MBRpKIUO58KVL5TMJNir4FOwUEEOFytAgrSPin6UAAQ&sig=Cg0ArKJSzOmkmjyZffEKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C43CDE1F6007A1A08293978A4B2AC24B
Requests: 11 HTTP requests in this frame

Frame: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F2D45072D29B098F993A241BD313B13
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi_gJj9ATAB&v=APEucNVWeaKt7Sa5xTvbsgnOE9XQP0E4wVgY3eACAv4xPEi0F-w3nPoh7Udw8ryVcr-eOMc6wnqpxZyAb36XGDVUzmpas_F05A
Frame ID: C73D7C476AEA190535E5FD1C6CB46535
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYiKft_AEwAQ&v=APEucNUact5N1AD2zJ49TN64EUmNYLBEmWWCuxpgMcU0yaEZ-tn7v1x_pWpYyrlwx3SoMH3auefKLZ6Go_OxdjjRVCQ38FWZpA
Frame ID: A815D77154E4B0FB335F2C8F56D40452
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3648EB2D8067B86F34903F6857BEB8A4
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Frame ID: AB0F38A69771B60AFDDBB9FF1B30982F
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 660DB42F00F2681ED55FEBFEE527552D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
Frame ID: 9856E9E765EEFB5812EEDC7A232020A3
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F81DA9085C3262E57BBF07F59EB0C0A5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 03E4039286F229D6EEF738443B18667E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: E58221C57472FCE31D5091B7BF53C7AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: C66C6DA504CEC5D855DB5EA4CABE4EE9
Requests: 1 HTTP requests in this frame

Frame: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/passbacks/standard.js
Frame ID: 6931A2097D32B264034D5DD7D58ACA57
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: B38C29B68A99E3718CA5D755D4D8E1EB
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5
Frame ID: 467C5558796D74DCEE6A827F8307431B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: B2C4FF711BB38387D7EBEE1781F21268
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: BC39256868D42597E722E2057A5740C1
Requests: 6 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 58AA3107A1E4F1824FD379829B79C13F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 8370DDD853625EB9020A13DD7D85A498
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8507598715724842454&ex=appnexus.com
Frame ID: DE51F381F4CF8A484438BE545D94BE18
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 29F0D3991B93C0A39227CC5A95C92E97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0FD43D58613046D5B5E58B40A2DB8C78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83BD225B8D56A30A61D07FCA5E11ED0C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Breaking News - Headlines & Top Stories | The Star

Page URL History Show full URLs

  1. http://thestar.ca/ HTTP 301
    https://www.thestar.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

412
Requests

87 %
HTTPS

0 %
IPv6

81
Domains

131
Subdomains

93
IPs

6
Countries

6303 kB
Transfer

15420 kB
Size

122
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thestar.ca/ HTTP 301
    https://www.thestar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://btloader.com/tag?o=5071905434894336&upapi=true&async=true HTTP 302
  • https://btloader.com/tag?o=5071905434894336&upapi=true
Request Chain 96
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js
Request Chain 107
  • https://cm.everesttech.net/cm/dd?d_uuid=23261461132897361521511620196744541603 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZU0CQAAAADmAUANw
Request Chain 155
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com%2F&rid=esp&cc=1
Request Chain 164
  • https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F HTTP 302
  • https://10230056.fls.doubleclick.net/activityi;dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F
Request Chain 171
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1699545664742&url=https%3A%2F%2Fwww.thestar.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1699545664742&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1699545664742%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1699545664742&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true&liSync=true
Request Chain 178
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699545665011&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699545665011&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1&C=1
Request Chain 248
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU0CQxAMBGmLWfUO5PEdBgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDBJZAtIyM7xvO2w440d9Bs&google_cver=1
Request Chain 250
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUwNzU5ODcxNTcyNDg0MjQ1NA%3D%3D
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZ0nygnBJNBlTONuuWx8ek&google_cver=1
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA7hX_LMXafyMvXbWi0-4zs&google_cver=1
Request Chain 254
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTZhNmVhMzktZDU5Mi00YTIwLTkwNzctMThiNTAyMjYwNjlj
Request Chain 255
  • https://px.owneriq.net/ecmg?google_gid=CAESEBnFz9fBxG27FSXT9ZIQxCc&google_cver=1&google_push=AXcoOmTFAvw8nIbjOSngt63DaKBPrmxJW8KwiBJdAqdfwGo3VmnEhw4vW1xR5qvYXYbp5WZBuvrz1a6_domuzUlB0pXnQ-5mAh77djkaFqgArBO-urjAY6AK-6-DRAuEXPnaRGtasuZWWVfox9nzeed5wFsu HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTFAvw8nIbjOSngt63DaKBPrmxJW8KwiBJdAqdfwGo3VmnEhw4vW1xR5qvYXYbp5WZBuvrz1a6_domuzUlB0pXnQ-5mAh77djkaFqgArBO-urjAY6AK-6-DRAuEXPnaRGtasuZWWVfox9nzeed5wFsu%26google_cver%3d1%26google_gid%3dCAESEBnFz9fBxG27FSXT9ZIQxCc%26google_hm%3dUTc1MjgzMjA3NDEzMzg5NzQzODM%3d&uid=Q7528320741338974383&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTFAvw8nIbjOSngt63DaKBPrmxJW8KwiBJdAqdfwGo3VmnEhw4vW1xR5qvYXYbp5WZBuvrz1a6_domuzUlB0pXnQ-5mAh77djkaFqgArBO-urjAY6AK-6-DRAuEXPnaRGtasuZWWVfox9nzeed5wFsu&google_cver=1&google_gid=CAESEBnFz9fBxG27FSXT9ZIQxCc&google_hm=UTc1MjgzMjA3NDEzMzg5NzQzODM=
Request Chain 256
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEG3PmjMpG8G-BVGnAm3p7QE&google_cver=1&google_push=AXcoOmTwhiE9vJ3rQAOyfnJ8PYAQO9qjrf45VBFrWMTIKz4E3LpfEVIJUNzJedAeuagak6Q2oKiNaoP3w-xL5nduiCnvTe1KJb_sgx0g55YH5JA3NUB2eE4MI8R81sZP8LGeTneThDd1YxOa9tefEdv9s4zV HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hbfUx4ltQO4txnrv4bs3MA&google_push=AXcoOmTwhiE9vJ3rQAOyfnJ8PYAQO9qjrf45VBFrWMTIKz4E3LpfEVIJUNzJedAeuagak6Q2oKiNaoP3w-xL5nduiCnvTe1KJb_sgx0g55YH5JA3NUB2eE4MI8R81sZP8LGeTneThDd1YxOa9tefEdv9s4zV
Request Chain 258
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMmMh-Qv0kXvd2pYjMlWQHc&google_cver=1&google_push=AXcoOmS95iCyDulcmzdmtdphW9TkquERp4vHQk-7DQ-mk-ZgE4MhACTcfrt2-H4rNEtzZ8QaPkxKAD0EkTLJnMRJeMsmLf8XHcrtvL9BOMJrMydj5oto95Tgt9Un1CQhRJzm7FbkJJ-pdVhFnI8UXgZwyfM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS95iCyDulcmzdmtdphW9TkquERp4vHQk-7DQ-mk-ZgE4MhACTcfrt2-H4rNEtzZ8QaPkxKAD0EkTLJnMRJeMsmLf8XHcrtvL9BOMJrMydj5oto95Tgt9Un1CQhRJzm7FbkJJ-pdVhFnI8UXgZwyfM
Request Chain 259
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEP9UFu_9cuzoVnNZ2fxkfgY&google_cver=1&google_push=AXcoOmSN1fyFoz-9g4UYme6kKxr7hjr9nmhmiCLmrVWZLaFzRuxrBzZgJmsuP3Fh6S6XWT59kR7ChyoZCyJRaFGFNur6o_R4TNEPWpabXmSuo_a2DqByQnubVwA1EcFuGKgjzrMU7MvA_quONi4PZ3l4DdI HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSN1fyFoz-9g4UYme6kKxr7hjr9nmhmiCLmrVWZLaFzRuxrBzZgJmsuP3Fh6S6XWT59kR7ChyoZCyJRaFGFNur6o_R4TNEPWpabXmSuo_a2DqByQnubVwA1EcFuGKgjzrMU7MvA_quONi4PZ3l4DdI&google_gid=CAESEP9UFu_9cuzoVnNZ2fxkfgY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4MzI3Nzc0MjM2Nzc5MzU3ODYxNg%3D%3D&google_push=AXcoOmSN1fyFoz-9g4UYme6kKxr7hjr9nmhmiCLmrVWZLaFzRuxrBzZgJmsuP3Fh6S6XWT59kR7ChyoZCyJRaFGFNur6o_R4TNEPWpabXmSuo_a2DqByQnubVwA1EcFuGKgjzrMU7MvA_quONi4PZ3l4DdI
Request Chain 260
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOnlvfDsSvJ5dO7-URfA2KE&google_cver=1&google_push=AXcoOmS1vNHmSgJTf2_-6lDIjkXD3eWPvXk3Q10loxAsI9En2thIls42-bM54uCohpCpCDuoPs0BBAGAHW5LQJSd50n-ao2QgnlXw5eWarVUGP5wrAqEfAxMDgwWiGYzMu4SjjH3Q_auhaDW31dReGsYrnO5xg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ODE5ZGExYTctNTdmMC00ZjRmLTg5NjUtZWEzYWJhMzU3ZGM5&google_push=AXcoOmS1vNHmSgJTf2_-6lDIjkXD3eWPvXk3Q10loxAsI9En2thIls42-bM54uCohpCpCDuoPs0BBAGAHW5LQJSd50n-ao2QgnlXw5eWarVUGP5wrAqEfAxMDgwWiGYzMu4SjjH3Q_auhaDW31dReGsYrnO5xg
Request Chain 261
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESELgRMkt8-mZaVd6Esdph1rk&google_cver=1&google_push=AXcoOmQsAtRw_Z8Zv9kUzJZVlwGqgut0pXf55ClZKtrefFYldR-dYKMrrGaD0VJbBFWvjsik52rv0bWM1SzU24NKy9XbRXF1AyK9Eg-khL42S_gcVYw7scOes1MrR4hX0NBY5nXzIyY-VwaPD7Y3_7aYEEq6 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESELgRMkt8-mZaVd6Esdph1rk&google_push=AXcoOmQsAtRw_Z8Zv9kUzJZVlwGqgut0pXf55ClZKtrefFYldR-dYKMrrGaD0VJbBFWvjsik52rv0bWM1SzU24NKy9XbRXF1AyK9Eg-khL42S_gcVYw7scOes1MrR4hX0NBY5nXzIyY-VwaPD7Y3_7aYEEq6&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQsAtRw_Z8Zv9kUzJZVlwGqgut0pXf55ClZKtrefFYldR-dYKMrrGaD0VJbBFWvjsik52rv0bWM1SzU24NKy9XbRXF1AyK9Eg-khL42S_gcVYw7scOes1MrR4hX0NBY5nXzIyY-VwaPD7Y3_7aYEEq6&google_hm=dVFvdzNPWWxhMDlaVkp3R3NWQUE=
Request Chain 282
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJyX5WgCKlooJNihJb16HTM&google_cver=1&google_push=AXcoOmQJ1Q0gG2ZsPC4V48Dehc6P0udx3zomoMciQjBZHUZED-MDHIKRdMeAc8-TGOBE740ryj6SfQSZHRMBNv6tm5CQhH550urY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlUwQ1FBQUFBRG1BVUFOdw==&google_gid=CAESEJyX5WgCKlooJNihJb16HTM&google_cver=1&google_push=AXcoOmQJ1Q0gG2ZsPC4V48Dehc6P0udx3zomoMciQjBZHUZED-MDHIKRdMeAc8-TGOBE740ryj6SfQSZHRMBNv6tm5CQhH550urY
Request Chain 284
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA_c-eawUnA9JLdzAS52gFQ&google_cver=1&google_push=AXcoOmRcyyHPeFBlaHf4d5030pxUvFGoiou2WfX6xU2FnG0PNSiTYvNPP3DgkVIhwULqaR7_lANrLspLNtPjDqlKK9e3Sx70j8Yv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRExZSFotMUwtTDlaSw==&google_push=AXcoOmRcyyHPeFBlaHf4d5030pxUvFGoiou2WfX6xU2FnG0PNSiTYvNPP3DgkVIhwULqaR7_lANrLspLNtPjDqlKK9e3Sx70j8Yv
Request Chain 285
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEBbEYmgNMJH-OnWF-iGvEtw&google_cver=1&google_push=AXcoOmSN5NW9-BcMkt5nTfnEgxX2YUsgwLUr74hlT8jzTl5784i8EsxhWZCOs9SE2qRIvss9tVm_DaQg7X9G56Axv7VaruiOmKEZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmSN5NW9-BcMkt5nTfnEgxX2YUsgwLUr74hlT8jzTl5784i8EsxhWZCOs9SE2qRIvss9tVm_DaQg7X9G56Axv7VaruiOmKEZ&google_hm=aaab324b61297eeb30ef6babcf1565e1
Request Chain 286
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEL3RL0_qmScUcO88ta2ZY0Q&google_cver=1&google_push=AXcoOmTToG_eXnLWpQGEjEL9NMZbdSGCmvDPuyZ_vw78AJXClLvWTiYSi_4k42FtueSuKHKzVPUwR3lSxQjQ9tzFB1ViCrLFz2FP HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEL3RL0_qmScUcO88ta2ZY0Q&google_cver=1&google_push=AXcoOmTToG_eXnLWpQGEjEL9NMZbdSGCmvDPuyZ_vw78AJXClLvWTiYSi_4k42FtueSuKHKzVPUwR3lSxQjQ9tzFB1ViCrLFz2FP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=qM0hMZseTH233cK5gs2e8g==&no_redirect=1&google_push=AXcoOmTToG_eXnLWpQGEjEL9NMZbdSGCmvDPuyZ_vw78AJXClLvWTiYSi_4k42FtueSuKHKzVPUwR3lSxQjQ9tzFB1ViCrLFz2FP
Request Chain 287
  • https://sync.inmobi.com/gob?google_gid=CAESEB-k5mtHRYLXuoy_tU5phTA&google_cver=1&google_push=AXcoOmTiHhBcEjeoaE_THQMMQKwu7SzT5jV_xzSO1eEDOTa--abN8JdxF1JSjQirlCFPQ3Ik_Co8hRlcrBSoBlClA16izV9N836Zcw HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTiHhBcEjeoaE_THQMMQKwu7SzT5jV_xzSO1eEDOTa--abN8JdxF1JSjQirlCFPQ3Ik_Co8hRlcrBSoBlClA16izV9N836Zcw HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-64feXG7jem6itz90iSgNIGbHPDeQm10Vt7LGlwuPqA&google_push=AXcoOmTiHhBcEjeoaE_THQMMQKwu7SzT5jV_xzSO1eEDOTa--abN8JdxF1JSjQirlCFPQ3Ik_Co8hRlcrBSoBlClA16izV9N836Zcw
Request Chain 288
  • https://trace.mediago.io/cs/google?google_gid=CAESEMfrtUL_E2bPJzfh9d_vqkY&google_cver=1&google_push=AXcoOmSpEeioB6_LY_g9Hi_0LqdHz5ABy-xHz-g_v9Fk8FKUFwba6_viDM_IzxKB7g43xr6JJhdCUxnPqVRqsCM5vS2wl-fjO-pcvg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSpEeioB6_LY_g9Hi_0LqdHz5ABy-xHz-g_v9Fk8FKUFwba6_viDM_IzxKB7g43xr6JJhdCUxnPqVRqsCM5vS2wl-fjO-pcvg&google_hm=4df39c49018bf5b81a83pb00lordm0lt
Request Chain 304
  • https://gcdn.2mdn.net/videoplayback/id/511940443780fcdb/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731081667/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/869E6679D7438AB0FD4783D2D52B7BFE17DDBC3B.313E18F7E1E9A410E939D7F3B672709AFF46BD23/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-tt1elnel.c.2mdn.net/videoplayback/id/511940443780fcdb/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731081667/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DED4EAC59C2581C0A20971FD471EAC405CF7406.848B1D4038D88425034EAD0A4C8A7BE9A158368F/key/cms1/cms_redirect/yes/mh/Dw/mip/62.3.36.80/mm/42/mn/sn-tt1elnel/ms/onc/mt/1699545412/mv/m/mvi/2/pl/24/file/file.mp4
Request Chain 343
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Request Chain 344
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
  • https://sb.freeskreen.com/um?sa=4931313997601554858
Request Chain 345
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://sb.freeskreen.com/um?tlr=7d924210a71944209ca74cb5888df183
Request Chain 347
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
  • https://sb.freeskreen.com/um?ni=938d24a76287bd1f94858a72632d41ab
Request Chain 350
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LORDM2OO-M-J4Q HTTP 302
  • https://sb.freeskreen.com/um?mg=LORDM2OO-M-J4Q
Request Chain 351
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ff32ddd3-56d7-465f-8ca1-922801504d6f&gdpr=0&gdpr_consent=&expires=30
Request Chain 352
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzFmZDQwMDA2Y2E1Mzk3YjEyZTEwOTZhODYwMGJiMzMyODllMzQ4Nw
Request Chain 353
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SDM5Wd14Qt2Zu8yXKGu3ug&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SDM5Wd14Qt2Zu8yXKGu3ug
Request Chain 354
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9SRE0yT08tTS1KNFE= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA_c-eawUnA9JLdzAS52gFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRE0yT08tTS1KNFE=&google_push=
Request Chain 355
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NAOlwxRKTeuERGajs4wQdQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NAOlwxRKTeuERGajs4wQdQ
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM8cbMKo5nJtn_3YSb52G1M&google_cver=1
Request Chain 357
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/PCfxmKXfJR6BTg12BWrOZw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-K6GIW3JE2oL3Fbg64pYf0GXvKhXpJ8HrC4yuMw--~A
Request Chain 358
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LORDM2OO-M-J4Q
Request Chain 359
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFFR07KmgUAABM19mn2rw&expires=30
Request Chain 360
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LORDM2OO-M-J4Q
Request Chain 361
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LORDM2OO-M-J4Q HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LORDM2OO-M-J4Q
Request Chain 362
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LORDM2OO-M-J4Q HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORDM2OO-M-J4Q HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORDM2OO-M-J4Q&ckls=true&ci=vL4bYB9fAR&nc=false&trid=-1995885247
Request Chain 363
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LORDM2OO-M-J4Q
Request Chain 364
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LORDM2OO-M-J4Q
Request Chain 365
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5545f322-0164-43ee-b0db-2be96d5d2763&expires=30
Request Chain 366
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LORDM2OO-M-J4Q&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LORDM2OO-M-J4Q&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DUVJCaS54RTJ1RzJ1RlFiM3lCVFFSOWNwOG1qYndfQ35B&ovsid=LORDM2OO-M-J4Q&dpid=58160
Request Chain 383
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8507598715724842454&ex=appnexus.com
Request Chain 388
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ff32ddd3-56d7-465f-8ca1-922801504d6f&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ODE5ZGExYTctNTdmMC00ZjRmLTg5NjUtZWEzYWJhMzU3ZGM5 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 390
  • https://sync.1rx.io/usersync2/sharethrough HTTP 302
  • https://sync.1rx.io/usersync2/sharethrough?zcc=1&cb=1699545680444 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3762191252 HTTP 302
  • https://sync.1rx.io/usersync/turn/8329712340727933454?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_id%3DRX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005
Request Chain 393
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LORDM2OO-M-J4Q HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LORDM2OO-M-J4Q&ex=d-rubiconproject.com&status=ok

412 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thestar.com/
Redirect Chain
  • http://thestar.ca/
  • https://www.thestar.com/
559 KB
85 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e7ab16511b01d7e83a22a158d03372717da03c39b91852186e64ced3fa6edccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
123
cache-control
public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
84852
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 15:58:59 GMT
etag
W/70cbb0557632deb6079b073679175149
last-modified
Thu, 09 Nov 2023 15:58:58 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.71.7; app13; 0.85s; 7.7M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xrds-location
https://www.thestar.com/tncms/xrds/
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
232
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 09 Nov 2023 16:00:36 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.thestar.com/
Server
Apache/2.4.46 (Unix) OpenSSL/1.1.1h
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
796351
cross-origin-resource-policy
cross-origin
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca823701-YYZ
expires
Thu, 18 Jul 2024 22:54:57 GMT
user.js
www.thestar.com/shared-content/art/tncms/user/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:57:14 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 14:29:57 GMT
x-vcache
HIT
age
228
etag
W/"65410f65-c46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1437
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
25237
cross-origin-resource-policy
cross-origin
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca8c3701-YYZ
expires
Thu, 18 Jul 2024 22:54:57 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
800434
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23d-841f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca873701-YYZ
expires
Thu, 18 Jul 2024 22:54:57 GMT
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
639325
cross-origin-resource-policy
cross-origin
last-modified
Thu, 10 Aug 2023 18:23:36 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64d52b28-2d77"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca853701-YYZ
expires
Wed, 14 Aug 2024 19:01:18 GMT
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
35513
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Oct 2023 13:11:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65294203-1102"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca8b3701-YYZ
expires
Wed, 30 Oct 2024 11:28:53 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
813031
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23c-9b8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca813701-YYZ
expires
Thu, 18 Jul 2024 22:54:57 GMT
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
625097
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:07 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23b-1ac2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acaa343701-YYZ
expires
Thu, 18 Jul 2024 22:54:57 GMT
layout.1896e79030d801bc73d109ad96810eba.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		154 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.1896e79030d801bc73d109ad96810eba.css
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f19be4d1241ea42837ed32fb07fe4e95101a703aa70cab90c6421a585fe52c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
629177
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:41 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da5-26672"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acaa363701-YYZ
expires
Wed, 30 Oct 2024 19:01:17 GMT
flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		531 B
370 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
813579
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:11 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23f-213"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acaa433701-YYZ
expires
Thu, 18 Jul 2024 22:55:08 GMT
flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
111311
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:11 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23f-2021"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca7e3701-YYZ
expires
Thu, 18 Jul 2024 22:54:57 GMT
access.d7adebba498598b0ec2c.js
www.thestar.com/shared-content/art/tncms/api/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:58:50 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 19:49:47 GMT
x-vcache
HIT
age
132
etag
W/"65415a5b-1164b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
29242
service-worker-allowed
/
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
  • https://btloader.com/tag?o=5071905434894336&upapi=true
51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29377d5ef8029ac1db67631d85f7f607c9aaed6156fe4196907da440473cafed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 15:47:15 GMT
server
cloudflare
age
620
etag
"35ab5a60681a8b4d59b977c0c36da747"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
823745ae4f6536b2-YYZ
content-length
17764

Redirect headers

date
Thu, 09 Nov 2023 16:01:03 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
620
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5071905434894336&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
823745adbe1a36b2-YYZ
thestar-sdk.js
thestar.solutions.cdn.optable.co/public-assets/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thestar.solutions.cdn.optable.co/public-assets/thestar-sdk.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.43.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.43.160.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4dc3a5ba6e8f6883d42c2affa4a5db6bf56dde9c97a4814567b3444cab78c748

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:22:16 GMT
content-encoding
gzip
via
1.1 google
age
2327
x-guploader-uploadid
ABPtcPowkIVK_bghLZyINAf_a3IO8Eo5JIDQdWFxSRb7AjXtK6iMWO1YX8n_sunRkg2FJP5ep4Ud5QwBFmKe4wXm6FDyNg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5761
last-modified
Thu, 05 Oct 2023 20:47:05 GMT
server
UploadServer
etag
"f0783bb2e0d3fceada5a2e37d12d545a"
x-goog-generation
1696538825607030
x-goog-hash
crc32c=0C21fQ==, md5=8Hg7suDT/OraWi430S1UWg==
content-type
text/javascript
cache-control
public,max-age=86400,no-transform
x-goog-stored-content-length
5761
accept-ranges
bytes
footer.nav.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		2 KB
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/footer.nav.js?_dc=1698935584
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e8f1eb1391780e4d77b2b47e6b25799bfccf566138ce3c3838989065a2776f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101053
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b320-8f5"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca863701-YYZ
expires
Fri, 01 Nov 2024 14:38:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
33998370d239e34ca2bbaeec24d6e1be2a063da533c00fcc649f7a3f3ea1ada9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31286
x-xss-protection
0
server
cafe
etag
1 / 19670 / m202311020101 / config-hash: 6338164477709008632
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:01:03 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
796351
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:10 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23e-cf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca8f3701-YYZ
expires
Thu, 18 Jul 2024 22:54:57 GMT
tracking.js
www.thestar.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:56:06 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 14:29:57 GMT
x-vcache
HIT
age
297
etag
W/"65410f65-a3a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1157
service-worker-allowed
/
fontawesome.568f3d1ab17b33ce05854081baadadac.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		268 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
632568
cross-origin-resource-policy
cross-origin
last-modified
Thu, 14 Sep 2023 21:59:36 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65038248-43130"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad7bca3701-YYZ
expires
Wed, 18 Sep 2024 19:01:18 GMT
client
accounts.google.com/gsi/ 		199 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f84.1e100.net
Software
ESF /
Resource Hash
4fad6f434e07a7b7a8ce0c5132a48c29dfc92228f23ab78e1d2e801228cf1cb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EBntMgNVK46l7cCePu99eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-EBntMgNVK46l7cCePu99eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 09 Nov 2023 16:01:03 GMT
swg.js
news.google.com/swg/js/v1/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
sffe /
Resource Hash
7577f11380640233880201f9a76dbec05d924583d497ccbe50f4d208151044b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60528
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 20:09:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:25:36 GMT
launch-9387fe3a1e9f.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/ 		342 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbf68a0da26f2137d981e90dc41fd86a76dbf9bd84c3a78f07898f98f32320be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:07 GMT
x-amz-version-id
KPvff6tdkqDRWrhwKXBWNK0_wc2YH_c.
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:49 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"b2e02a747a7add80d867fdb2a4e8a873"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1617
x-amz-cf-id
_q81iRFceg5X1jAzQXCa3LW0ymIq6Xgjj8p5VHZjfb9me0OJj_4DCA==
be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 		514 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
254b425c8287494d9cf74279575842918beb0183c01ef4393abe5c4ca2b6cc40

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
be54a597-6b6d-4e2d-9d31-642310a8db25
age
0
x-guploader-uploadid
ABPtcPpWUDiZDjOKidvYWHSb2J7GQ11RvWcqDPugohNxrZQZRV-LmaVupi6d-QBGXeDHuXnChpLNEHhcD2qvzO9p28c4nU1i7TSs
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Mon, 30 Oct 2023 18:20:12 GMT
server
cloudflare
etag
W/"100ebd009a7f5eeafe48d9349917c636"
vary
Accept-Encoding
x-goog-generation
1698690012532332
content-type
application/javascript
x-goog-hash
crc32c=bXL68w==, md5=EA69AJp/Xur+SNk0mRfGNg==
cache-control
public, max-age=900
x-goog-stored-content-length
162716
timing-allow-origin
*
cf-ray
823745adcc4b543d-YYZ
expires
Thu, 09 Nov 2023 16:16:03 GMT
css2
fonts.googleapis.com/ 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
85e1ef3c0d8442b0131cdc81c03f99a175a6b6cd326c8166a5867d1bf15a37d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Nov 2023 16:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:58:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Nov 2023 16:01:03 GMT
navigation.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/navigation.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609772
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-28b1"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca7c3701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
pages.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		198 B
219 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/pages.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
112581
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-c6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca7b3701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
blocks.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/blocks.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609775
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-12e6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acaa3d3701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
utilities.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		628 B
442 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/utilities.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
100973
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-274"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca763701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
global.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d867d176ec313a1231410e0153d440ad5bdc9ec278629bc962ec6566b79ef989
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609772
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-8893"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acaa3f3701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
stn.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		3 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/stn.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609775
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-ded"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca793701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
storypacks.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		52 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/storypacks.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e51d53b4513a76861c42a278ecb208963d19159bd9077c004a980393cb858c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609775
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-cf92"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acaa413701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
utilities.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/utilities.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdfb68747a5a7f47a19fd9a95319d9671d86edabd9100f89daf7ef4ce32a45f0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609772
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-7f47"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca743701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
user-controls.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/user-controls.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53426bb3fb09b76cd18d82e241a6b581cd187e3c2c355abda74a072b46a68b95
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609775
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-1839"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acaa3c3701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
icons.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b22acf3b276d3f419653cda2fcd12b7a8c87d2b0b34e44511b60a23ab72d7e6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609775
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-2dda"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca713701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
staronly.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		223 B
217 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/staronly.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190e1101cde57367a86dd7f3df29194cf2b78968948c793f424d5f144897b9b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609775
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-df"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca773701-YYZ
expires
Fri, 01 Nov 2024 14:38:07 GMT
site.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 		339 B
310 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/site/resources/styles/site.css?_dc=1671043982
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
35955
cross-origin-resource-policy
cross-origin
last-modified
Wed, 14 Dec 2022 18:53:02 GMT
x-vcache
MISS
server
cloudflare
etag
W/"639a1b8e-153"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acaa383701-YYZ
expires
Fri, 01 Nov 2024 08:24:23 GMT
tracker.js
www.thestar.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:59:05 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 08:22:23 GMT
x-vcache
HIT
age
117
etag
W/"654b453f-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
31c48758-8d44-11ed-8c30-0bcb8697ec11.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/31c48758-8d44-11ed-8c30-0bcb8697ec11.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bba9687afeda017cbf549538f5433e397e901a3b452306988a7999db6f1a8ce
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
706424
cf-polished
origFmt=png, origSize=1362
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="31c48758-8d44-11ed-8c30-0bcb8697ec11.webp"
content-length
1086
cf-bgj
imgq:85,h2pri
last-modified
Thu, 05 Jan 2023 21:59:15 GMT
server
cloudflare
x-vcache
MISS
etag
"63b74833-552"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
823745acca923701-YYZ
expires
Wed, 23 Oct 2024 16:28:50 GMT
654c0afcd70fb.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/8/93/89372883-80c4-57ac-bdd8-de7216ee3a7d/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/8/93/89372883-80c4-57ac-bdd8-de7216ee3a7d/654c0afcd70fb.image.jpg?resize=1200%2C800
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a82047434c3caf7219f9053a7c46c221750f04ef80b953622d082ac50c5fd3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
21158
cf-polished
qual=85, origFmt=jpeg, origSize=95620
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="654c0afcd70fb.webp"
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 22:26:05 GMT
server
cloudflare
x-vcache
MISS
etag
"194af812808dea04f4fdf4c6ad41765d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745acca933701-YYZ
expires
Fri, 08 Nov 2024 10:02:07 GMT
2faeee7c-8d44-11ed-8c18-eb5483a10695.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/2faeee7c-8d44-11ed-8c18-eb5483a10695.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ab34321ef0a61378759396e72284c4ee6c055bf11521b655d1e5b5a435a8b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
118774
cf-polished
origFmt=png, origSize=1545
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="2faeee7c-8d44-11ed-8c18-eb5483a10695.webp"
content-length
1228
cf-bgj
imgq:85,h2pri
last-modified
Thu, 05 Jan 2023 21:59:11 GMT
server
cloudflare
x-vcache
MISS
etag
"63b7482f-609"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
823745ad2b2f3701-YYZ
expires
Wed, 06 Nov 2024 20:44:15 GMT
subscription-landing.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/subscription-landing.css?_dc=1698935585
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9bf3c7c5328cca0b634dfe8af544c3c5fc04e3a0a890a73c5a063a7ea2c856
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
32838
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b321-2a95"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad5b6d3701-YYZ
expires
Fri, 01 Nov 2024 14:38:08 GMT
edition-selector.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/edition-selector.js?_dc=1698935584
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f817d35152e6280e12fa0a2895ec47b65085df83867b00d766f9a0e5595a37
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609772
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b320-2076"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad7bb43701-YYZ
expires
Fri, 01 Nov 2024 14:38:06 GMT
tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
813888
cross-origin-resource-policy
cross-origin
last-modified
Fri, 29 Sep 2023 16:55:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65170198-35a7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad7bb73701-YYZ
expires
Wed, 02 Oct 2024 19:01:17 GMT
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
106625
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23d-1010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad7bbb3701-YYZ
expires
Thu, 18 Jul 2024 22:54:59 GMT
tnt.regions.b44801b45845a81b995eeaad12f4f276.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
653262
cross-origin-resource-policy
cross-origin
last-modified
Mon, 17 Jul 2023 20:19:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b5a23c-1021"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad7bbf3701-YYZ
expires
Thu, 18 Jul 2024 22:55:08 GMT
liftigniter.min.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/liftigniter.min.js?_dc=1698935584
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
602b2f3c4f911d31f8c395dd02670adf1f506421caed47e470341be496c97dc9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
29185
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b320-359a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad7bc13701-YYZ
expires
Fri, 01 Nov 2024 14:38:06 GMT
promo_popup.min.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		3 KB
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/promo_popup.min.js?_dc=1698935584
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516743678b07edcf236561fed911dd419248fe4e6ae651c201b2fbd90f2572b9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609771
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b320-a04"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad7bc43701-YYZ
expires
Fri, 01 Nov 2024 14:38:06 GMT
tnt.access.user.modal.offer.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.offer.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
save.asset.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		2 KB
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/save.asset.js?_dc=1698935584
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
609772
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b320-721"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad7bc93701-YYZ
expires
Fri, 01 Nov 2024 14:38:06 GMT
vf-v2.js
cdn.viafoura.net/ 		847 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-85.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd07d700ee84ac07df30d7365d6c7a31a2479f53b2c47d3878c9c4ec272ca751

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
Wvls.D2Id4H2LdXeDBBf1Bd85pyNAckq
content-encoding
br
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 15:56:57 GMT
x-amz-cf-pop
IAD89-C3
age
247
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 Nov 2023 15:26:43 GMT
server
AmazonS3
etag
W/"78e09d1c29076d616a66ab3fd9c03454"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
Xwn47nC_em0J5V1aJqkXpPhgqHhGVtmGTrPeWzd6lV1bxzPgz_UEYg==
gtm.js
www.googletagmanager.com/ 		230 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e89864f92e9bb2ccb8ef33e86cb028ce410e76ccd8bc7817890c419c51c574df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79033
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 16:01:03 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		265 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.111.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-111-130.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de3984198eb73078bb727320b1363493cdc3c1a74c10162e8182b344c5181ae0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:54:02 GMT
content-encoding
gzip
via
1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront), 1.1 0bdcc10f69b746cb367ceb51e88a3d1c.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 21:46:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD61-P2
age
422
x-amz-server-side-encryption
AES256
etag
W/"2b5c992b7f2fc9fad451b2c61f2e15f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
0Xel_r4kyKnGsQIHjTUagkzqdPcto-27-3WTNSeNjiPrDJxzTq0IwA==
channels.cgi
torstar.gscontxt.net/main/ 		517 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.70.51.45 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
28e3ae9ba348988c0237bd6a8a1abc8e88a8bef3e09fdbb6b87c958811919942

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
517
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/ 		244 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b0fce4ae8fa4e3b4dd86eb2bb7b52671f72762e83abe677f7cd8f5a7e8ae0c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84102
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracker.gif
www.thestar.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=169954566358516001200760593727566&tnms_dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&tnms_upage=1&tnms_do=www.thestar.com&tnms_uri=/&tnms_ref=&rt=1699545663588
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
Toronto_Star_logo.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/publication-logos/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/publication-logos/Toronto_Star_logo.svg?_dc=1698935583
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadfdde0a0aea4dd6e3bfb60868f546b2e30db7f8d5b3549af99915a8e7294f9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101053
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:33:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b31f-16bb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad9bf53701-YYZ
expires
Fri, 01 Nov 2024 14:38:05 GMT
guest.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 		662 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/guest.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1698935585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1698935585
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
639325
cross-origin-resource-policy
cross-origin
last-modified
Thu, 19 Oct 2023 18:06:51 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6531703b-296"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745ad9bf63701-YYZ
expires
Thu, 31 Oct 2024 05:43:24 GMT
nbetting.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/nbetting.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1698935585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1698935585
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
106983
cf-polished
origFmt=png, origSize=11103
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="nbetting.webp"
content-length
6086
cf-bgj
imgq:85,h2pri
last-modified
Thu, 02 Nov 2023 14:33:03 GMT
server
cloudflare
x-vcache
MISS
etag
"6543b31f-2b5f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
823745ad9bfb3701-YYZ
expires
Thu, 07 Nov 2024 09:42:45 GMT
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:40:35 GMT
x-content-type-options
nosniff
age
37228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38268
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:13:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 05:40:35 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
indicator-icon-aggregation.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 		703 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/indicator-icon-aggregation.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1698935585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1698935585
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
118804
cross-origin-resource-policy
cross-origin
last-modified
Thu, 19 Oct 2023 18:06:51 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6531703b-2bf"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745adbc3f3701-YYZ
expires
Wed, 30 Oct 2024 09:39:12 GMT
chevron.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 		347 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/chevron.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1698935585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1698935585
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
714534
cross-origin-resource-policy
cross-origin
last-modified
Tue, 18 Jul 2023 19:58:47 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b6eef7-15b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745adbc443701-YYZ
expires
Thu, 18 Jul 2024 22:55:08 GMT
warning-updated.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 		383 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/warning-updated.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1698935585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39af5bc38f03afb9bbcacadacdf8ce2adc5f6745217ef8868696c6cb38e2bfe0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1698935585
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
725659
cross-origin-resource-policy
cross-origin
last-modified
Tue, 18 Jul 2023 19:58:47 GMT
x-vcache
MISS
server
cloudflare
etag
W/"64b6eef7-17f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745adbc473701-YYZ
expires
Thu, 18 Jul 2024 22:55:00 GMT
j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v20/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v20/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
fbc774cb96be46cab2c4f68a761ba7f4b5cfa0bd2d7a9487e1fbed4b60e547c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:24:40 GMT
x-content-type-options
nosniff
age
38183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44476
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 15:33:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 05:24:40 GMT
7cfc38ca-9d1a-11ed-8f0b-5cb9017b77dc.a0b13c4b7a02e09c478fe74111026137.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/7/cf/c38/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/7/cf/c38/7cfc38ca-9d1a-11ed-8f0b-5cb9017b77dc.a0b13c4b7a02e09c478fe74111026137.png?_dc=1683205896
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597cf1adbafca51f41aedfbdc509c2e15e81382778e096b1398c66cda6865f2d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
707961
cf-polished
origFmt=png, origSize=11530
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="7cfc38ca-9d1a-11ed-8f0b-5cb9017b77dc.webp"
content-length
7428
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 May 2023 13:11:36 GMT
server
cloudflare
x-vcache
MISS
etag
"6453af08-2d0a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
823745adeca03701-YYZ
expires
Thu, 31 Oct 2024 08:36:51 GMT
1ad7564a-a2cc-11ed-ad65-4fe77989d2c2.784b653fa494d1b84d4bf6df570ed4b7.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/1/ad/756/ 		420 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/1/ad/756/1ad7564a-a2cc-11ed-ad65-4fe77989d2c2.784b653fa494d1b84d4bf6df570ed4b7.png?_dc=1675323302
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d683c982077343a5bff3cb148b821aedc8ed3d22b6d34a852f486b2b6e76484c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
154975
cf-polished
origFmt=png, origSize=642
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="1ad7564a-a2cc-11ed-ad65-4fe77989d2c2.webp"
content-length
420
cf-bgj
imgq:85,h2pri
last-modified
Thu, 02 Feb 2023 07:35:02 GMT
server
cloudflare
x-vcache
MISS
etag
"63db67a6-282"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
823745adeca33701-YYZ
expires
Wed, 06 Nov 2024 20:08:18 GMT
2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thestar.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:28:23 GMT
x-content-type-options
nosniff
age
37960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37848
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:30:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 05:28:23 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:05:41 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:15:08 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame AD3A 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1699545663858&publicationId=thestar.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
ESF /
Resource Hash
38fd5e1667a3b3d67b25d595f6e73a8e52b7cbe691ec11777a0b8ea1426b7ab0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b_MHNYabZJieyjqslMt7Cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-b_MHNYabZJieyjqslMt7Cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Thu, 09 Nov 2023 16:01:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
5028
config.aps.amazon-adsystem.com/configs/ 		505 B
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5028
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
69c5ca4015f3d5ab50da17f4b6faca822d0f65a9cfee939ea50d8fcd3754bae4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:18:34 GMT
via
1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
2549
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
UAbgx8S1HhmhkzQdeJd2wZYbyvD8cfw3MAWWuXFn6q3rqWyETn5Xbg==
config
c.amazon-adsystem.com/cdn/prod/ 		561 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.111.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-111-130.iad61.r.cloudfront.net
Software
Server /
Resource Hash
599ad3d38d3be0b776825cf6296bd4eb99ed608fadea0b7bd8e37a626c338cd1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 12:39:18 GMT
via
1.1 0bdcc10f69b746cb367ceb51e88a3d1c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
age
12104
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
561
x-amz-cf-id
oV-U0o7kOANIGiD7Ipid65jJ64ZVJuGQcdnlwK7f-voB7hyXbHA4lg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.111.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-111-130.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 689115ff2de1803f311819422d2bbc9e.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 15:55:43 GMT
x-amz-cf-pop
IAD61-P2
age
321
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
48FwI6VAL_Z0habHJlNlNX7ajCTGu0Q5hUi4U4Z4NxZjw7VBD9uFIw==
pxid
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f76ddc67969b7947ccfb65e1dfa7295eea4634f7b076c3071530136a4341f0ba

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:04 GMT
an-x-request-uuid
433ed61a-fffb-485e-a10a-f87484c5fc0c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.3.36.80; 62.3.36.80; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
654c0d15a0606.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/2/08/2089226f-3580-500c-b4d9-eed0d7f2ffb2/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/2/08/2089226f-3580-500c-b4d9-eed0d7f2ffb2/654c0d15a0606.image.jpg?resize=400%2C267
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8c4fb124d245ed0f88903cfc511d6ce618fb61f344ce578ffcbbc5d00294083
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:03 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
16419
cf-polished
origSize=17665, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
17479
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 22:35:01 GMT
server
cloudflare
x-vcache
MISS
etag
"1bb6017f6f9aa7203dc126bab28cc43c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
823745afe8e53701-YYZ
expires
Fri, 08 Nov 2024 11:01:54 GMT
id
dpm.demdex.net/ 		387 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1699545663993
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.26.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-26-120.compute-1.amazonaws.com
Software
/
Resource Hash
2c070f1f68beb6e37a675f9863ef687aab4b22a195d55fc208f060fd5e21b186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-va6-2-v052-06769b39e.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
T6OurH1vQOs=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.thestar.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
326
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/hostedLibFiles/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/hostedLibFiles/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:07 GMT
x-amz-version-id
IeYfq1f0DrrraWZxPOJwts.0GwlEDvW4
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:12 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"ade220db70aa3259d42f32d039757920"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1618
x-amz-cf-id
3da4ko1KsHdP2hdem0nZiewRrZu67RY5bjeqWr26qdSHCeUmsbgGGA==
AppMeasurement_Module_ActivityMap.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/hostedLibFiles/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/hostedLibFiles/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:07 GMT
x-amz-version-id
61NhD8_nLARqkZZP9Yu14uX6DddvdgGS
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:12 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"051ec0e10d7fb5b48a8bf326aa3a7442"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1618
x-amz-cf-id
mpCBnEl6h86j4vVU1obAVnJPrlN_AP-jn7ZDPXoaaRzVMjFNHe1SEQ==
targeting
thestar.cloud.optable.co/prod-thestar-com/v2/ 		315 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://thestar.cloud.optable.co/prod-thestar-com/v2/targeting?cookies=no&passport=&osdk=web-v0.12.0
Requested by
Host: thestar.solutions.cdn.optable.co
URL: https://thestar.solutions.cdn.optable.co/public-assets/thestar-sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.155.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.155.149.34.bc.googleusercontent.com
Software
/
Resource Hash
14db1e5d48bb5068b105ab6eec9e41983ec18dd0f1eb903a7fde3255016abc73

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
via
1.1 google
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
targeting
thestar.cloud.optable.co/prod-thestar-com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://thestar.cloud.optable.co/prod-thestar-com/v2/targeting?cookies=no&passport=&osdk=web-v0.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.155.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Length,Content-Type
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin
https://www.thestar.com
access-control-max-age
43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Nov 2023 16:01:04 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Nov 2023 15:27:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2019
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 09 Nov 2023 17:27:25 GMT
gtm.js
www.googletagmanager.com/ 		179 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7b83a890d7505000802a345b42875f421e15ee462b166a33e96acff939c1c671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64931
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 16:01:04 GMT
gtm.js
www.googletagmanager.com/ 		216 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
214afbfa73ab4d9667ec286d846fbe886fe595a4654d8c53dab2602a8345cb98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70402
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 16:01:04 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
685671
x-guploader-uploadid
ABPtcPoCNwhiALcktML_yl5yo1BILg8XCvuhYarH18a4QnIHT87IdwPHma7PsWhlSq8P0lk5Grg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BqmtT3mnEhk8FllwPzXEkBmcREPFVGuMwbegS4Ntt22VGSeo8BOrlWY6Q2RHFIP5T0y9WVr4xtbZfC8sA8JzLsRl56h6ipFy%2BgcYIkZ7tmeCVRWdyqqmQoHh155oGtcpw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
823745b0abc9a1f3-YYZ
expires
Wed, 01 Nov 2023 17:39:35 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 15:59:08 GMT
px.gif
ad-delivery.net/ 		43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.028112049363058667
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
685671
x-guploader-uploadid
ABPtcPoCNwhiALcktML_yl5yo1BILg8XCvuhYarH18a4QnIHT87IdwPHma7PsWhlSq8P0lk5Grg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfNal3AG%2F8spWmIVlUVdpleHnJK9BmyySr6055Pnui5MwPU6mmd7Bwr88ZXkPF2MTJJ55PgMGiQsgz0HxlnRCpuEI9OcZqfNv%2B63WwUx8D6njoOXj6NT%2B%2FV5fN5zA12uHA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
823745b0abcba1f3-YYZ
expires
Wed, 01 Nov 2023 17:39:35 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 		426 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 04:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
40394
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 08 Nov 2024 04:47:50 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame AD3A 		0
25 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u8Nmn8MmNyy4vh1AkNDrFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=1699545663858&publicationId=thestar.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-u8Nmn8MmNyy4vh1AkNDrFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L.B1.O/am=EIY0/d=1/ed=1/rs=ABXTjI7xdw0nAMvJsQ9RQ33uZ-pjGG_I5Q/ Frame AD3A 		745 B
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L.B1.O/am=EIY0/d=1/ed=1/rs=ABXTjI7xdw0nAMvJsQ9RQ33uZ-pjGG_I5Q/m=serviceiframeview,_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1699545663858&publicationId=thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:03:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 21:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 14:03:28 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AB... Frame AD3A 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1699545663858&publicationId=thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
f898b60ab19b145b336d5e29eecf0c6e0f271578acd7a0737254a67c5978804a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 16:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71709
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 03:53:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 16:46:56 GMT
cf15bdc0-aef6-443b-af6d-e66e0d9dc862
https://www.thestar.com/ 		227 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/cf15bdc0-aef6-443b-af6d-e66e0d9dc862
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2a45f6124b183effa478f0756c2751459282557677ccd4a71aa06e6ce5a9397

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
232131
Content-Type
64f721cc-fbe5-4610-a8d3-2965bab94d46
https://www.thestar.com/ 		227 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/64f721cc-fbe5-4610-a8d3-2965bab94d46
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2a45f6124b183effa478f0756c2751459282557677ccd4a71aa06e6ce5a9397

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
232131
Content-Type
web-vitals.iife.js
unpkg.com/web-vitals@3.5.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
490239
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HEBSGNZEJWVD391SJT0SJNJZ-yyz
server
cloudflare
etag
W/"1c0d-zW8RvTlYH7YAF4tIT+4z8RfNaCg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
823745b1de0da226-YYZ

Redirect headers

date
Thu, 09 Nov 2023 16:01:04 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HETCS33M9913RJZQ9GP7WW5T-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
278
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.5.0/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
823745b14d53a226-YYZ
RC9f420745bfe3432db301b8d5c1ea8eb9-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		440 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RC9f420745bfe3432db301b8d5c1ea8eb9-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3dbb54f00210789524e7a7681d87ab665cd80d3727084fbb42b9e31fe2ff6612

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
3zW3rq7S4QCVSW66kcJkQhKNolZJEBW1
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
1617
etag
"489618504def7647f6105a0c18a6c9e4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
440
x-amz-cf-id
VlfFp-vnEaE8q6pBi6-gOkAORmnVZi8GDv7g2q7q6ATHbhh2nn7D0A==
7noslr035pfb0mvo-nbc.js
cdn.petametrics.com/ 		178 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/liftigniter.min.js?_dc=1698935584
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
e20d3bb0302faeb3b849681c8cc841396e341210c2098d6d212380ade5bd6e4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:04 GMT
Content-Encoding
gzip
x-amz-version-id
3._sLdESGSiRnspqkBC6gJOOceHcmV19
x-amz-request-id
W05T0R2Z55SHCBDE
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
51924
x-amz-id-2
iFO04iKHol2m7wn5mrJYGLUp5ag81g4GLCOPvUjMKiGqR/cPzC4SZOpGRC2i5ECLXQ2PJaRNwtbshk0JJXC8AA==
Last-Modified
Tue, 12 Sep 2023 22:57:42 GMT
Server
AmazonS3
ETag
"52f1b9226732a0aca57844533c122477"
X-HW
1699545664.cds213.ny3.hn,1699545664.cds212.ny3.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, s-maxage=31536000
Accept-Ranges
bytes
geoip
api.permutive.com/v2.0/ 		271 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
115c8f8f8704f0a12c47f478200552a56fef3d60efec25acbfcd3d2972901027

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
watson
api.permutive.com/v2.0/ 		2 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
654c2cba41830.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/3/ac/3ac041b9-7120-516d-a9e0-fed31e19be17/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/3/ac/3ac041b9-7120-516d-a9e0-fed31e19be17/654c2cba41830.image.jpg?resize=150%2C100
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d275aadec8140dbcece4a126cb84dd95bb44d0937a0d3426865892cac7443f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
52292
cf-polished
qual=85, origFmt=jpeg, origSize=2313
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="654c2cba41830.webp"
content-length
1576
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 00:50:02 GMT
server
cloudflare
x-vcache
MISS
etag
"db119cc8ebc53ed25eabeec2f928d2c5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
823745b18bec3701-YYZ
expires
Fri, 08 Nov 2024 01:07:40 GMT
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.69.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-69-123.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.thestar.com
access-control-max-age
1728000
cache-control
max-age=0
date
Thu, 09 Nov 2023 16:01:04 GMT
expires
Thu, 09 Nov 2023 16:01:04 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.69.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-69-123.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ee19837fa1e3bc6c40b6713c42f4e48c62761624cfebafb4350e86c6679cc597

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-084e366ed31f5e5f9
pragma
no-cache
date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Thu, 09 Nov 2023 16:01:04 GMT
dest5.html
torontostarnewspaperslimited.demdex.net/ Frame 55A4 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.243.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-243-144.compute-1.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-va6-1-v052-06bf5b506.edge-va6.demdex.com 3 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
a02PWV9/Ra0=
content-encoding
gzip
date
Thu, 9 Nov 2023 16:01:04 GMT
last-modified
Thu, 26 Oct 2023 10:55:49 GMT
vary
accept-encoding
id
s.thestar.com/ 		48 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=23253054339528186421510781647711301545&ts=1699545664261
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.219 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-219.data.adobedc.net
Software
jag /
Resource Hash
42b58a8790c9264d5d0b1fa725e4127fdc23449cb76f878901f357a9cb450f56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.thestar.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZU0CQAAAADmAUANw
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=23261461132897361521511620196744541603
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZU0CQAAAADmAUANw
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZU0CQAAAADmAUANw
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
54.158.26.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-26-120.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v052-05d1050a3.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
71C5QmBuS2w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZU0CQAAAADmAUANw
Date
Thu, 09 Nov 2023 16:01:04 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
identify
api.permutive.com/v2.0/ 		50 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3bd7f0737d318be93dd3adc42bf524d469962623952d260e2c1c6cdf90f0f196

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
pv
api.btloader.com/ 		0
12 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=vfRKON40&w=5166328627855360&o=5071905434894336&cv=2.1.22-2-g062b835&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.thestar.com%2F&sid=yQ8XZjowQ&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:04 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
publisher:getClientId
ampcid.google.com/v1/ 		74 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f101.1e100.net
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
RC297c405a84114cdb8dfef502567534b2-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RC297c405a84114cdb8dfef502567534b2-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d187c2f511caf906a11bfcdff997ae61a758b171420725cef499846cb8d42f07

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
lUWop0UcXYBEza0yBv5r0FEdVjXCt7En
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"0c7654dd47a63acdd360b4d458e09941"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1617
x-amz-cf-id
dbAZqHtn1HG5XYXwjK-M17XJGvYKDYGIyoPbnCmZ7_2d_CIi68AlPw==
RCf0112d0f8b3a4feaab250eec659eceab-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		1 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RCf0112d0f8b3a4feaab250eec659eceab-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
041ee407acc52f80ff004eb3e813605ec18f450eb3290d7358b3544457509d9f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
HhnNhgWvt1TuZcv9cPdQFxrWNrDJd7gh
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:12 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"bdae807cd6db86553ebd2e13f6ddcb70"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1617
x-amz-cf-id
MF1LfAhtREsF7xdb5KFLxsbn24wKJbfGuC6StBOnHHJBOHsThjBa9Q==
RC2d67bebc44ac448186c4257d3fb39565-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RC2d67bebc44ac448186c4257d3fb39565-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c0325ef3b63cfd8058d8ef9acc2903dc4a79aba6c8947117498739e12922ee1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
WyHZXwn3FU6YbylQ1XX36PfSPnLKoESy
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"68047f8cb9fe6eb1e166b1112c1495e9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1617
x-amz-cf-id
fNDEx-ZOfeDn6gQg0PR59zrtCrjBlUzTseXnXHcFlUb8tKEQ6to25Q==
RCc1241c7df4944d3eaa65e872f3cc8ca9-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		1002 B
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RCc1241c7df4944d3eaa65e872f3cc8ca9-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a49068e449a8410b19ffa987353b8b5101de02db99a5f5d128dfa44c014a2661

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
dYkIdWY9JJ.gQop_QOjBCGz0tt45juP9
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"071a107c5be6dfb484a7cae1461221d7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1617
x-amz-cf-id
_XqxmCs7a_aMFleydVZKiCgZHuSxlwHaU2oE5YzxxymGb0R3tFb_Tw==
RCb0e8996d5b3d48db8e004dc1dd2e1105-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		962 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RCb0e8996d5b3d48db8e004dc1dd2e1105-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5484ecf43135d45c32cfab5330368b4e28860ed71a20f904db53a71e54ba6fe5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
QCVVZf_QONj0aS3mQ0ovTtJh32HX2KaY
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
1617
etag
"9a7077be5b21db02b79dbf5c107c809d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
962
x-amz-cf-id
1rSH2f2O9WQzicspuGYCLc6qMPpXr8c33-09VZo_LMs_xNcMWpZLpw==
RC29c993344e0940ea91a33d2d45bc2db6-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		1 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RC29c993344e0940ea91a33d2d45bc2db6-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11838476fbbbecd7c257656f9c6ffddfd5e7fe6aa99212476625fa82bf940093

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:02 GMT
x-amz-version-id
dTx8uS.6VgDWl6BzAue3_EqpXjQJfBQU
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"deb6f5dcf56a48d3e3c223e63d9c226b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1623
x-amz-cf-id
fJX1uP_qyfX9gD5x2fxLrcDElny5Kk4CdSCuojPEJG1MpK-zkiU_XA==
RC9e4b0ab6c13d4376aaf29a4c5c3f129f-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		965 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RC9e4b0ab6c13d4376aaf29a4c5c3f129f-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02ddb2b63946a8b255d5098db79cb2e79a83cabaffc51acd7948ed04e87a1e63

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
JJOyPan6KtPB.df7oHXlxaFuWlGmzJZy
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
1617
etag
"c2b5a61640036817bb034b4cd1cb6145"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
965
x-amz-cf-id
CTC9h4HJTrQXiIU8po4lMLaIcWbKX0ogu1rRsMWnH5mmTV_PpcQI4A==
RCb57cac41f35a455ea26de17d5174a8bc-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		953 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RCb57cac41f35a455ea26de17d5174a8bc-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1f7fe8fd7e54542eee6f80c6c3f556b624b0848dea3e8830fd032073dbb7065

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
C.A.9xm.dM1BJid9jO05k.CdjgVdLqB0
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
1617
etag
"4f8d2afb5bcdbb3ceb580c30d2da9be6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
953
x-amz-cf-id
jmtnJJS9sDO3Z6rNED795e_VgfsrA_DdwAAbICOA-1Wl26jXrdggLA==
RC6875e84397f8464cb35b5a0ca4520b8c-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RC6875e84397f8464cb35b5a0ca4520b8c-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82d269c32d0e180ca534701750f7cf50b90c77f5a42c59efa01f055c2ab48706

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
.M2A2rVRdliDRPbTUkHSSoX7yYPTh6PQ
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"d34c2eea466348306de1b4cc96b824c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1617
x-amz-cf-id
7snn2X6GDn36dFXm7S4XCQEJr6XSn04vQx6XGStMtjM5Qpd6vBArCw==
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b79ef0d77339903f488a4cbe714a44abf6ea8ce6103607621b445ae3df3d14a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
6TuIJaFYndGFxYbM6WlnjR9JVAzq1yrh
content-encoding
gzip
via
1.1 8a5f92c3f2254c853b1d4d6f0bb340ac.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 15:59:15 GMT
x-amz-cf-pop
IAD79-C3
age
110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 25 Sep 2023 13:02:50 GMT
server
AmazonS3
etag
W/"e7dd59593e93ff0ed16b65bc87f544eb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
FzAQ0RZ-hkeKSm1WD1m2i1XEoJ5oJeQNu9Nvvm3AHqLTCZ56TlA2tA==
destination
www.googletagmanager.com/gtag/ 		255 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
dd6bfbe8c2c202f6c7bc503cf35deddfa5d7997fb03b22366b9eb7d045358290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88796
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 16:01:04 GMT
model
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		75 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
80eeb74f0f51a81b7f5aef39b1b20fe9f60700ebeb80806c47e56b8f2c28a77c

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		77 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
cbd685395faa77ed84f4c14961c0e66e1126b8e7379547968edc11f8e3b00db2

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		82 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
12980895e3b0c5aa5fb5e7766fcf3fc0acdb1779e0411161f807350474c7b7ef

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		80 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
db3007c3896c302146414fe3d1fe737a09c96192c7f5e3aa51bfbf28b347705d

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		84 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
95fc1250bd322a0805b0fa4cb59cb718c3e4df9939de2177d723b2b4ec0fa01a

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		79 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
482fbbb5668853c9a68de548cb9510098ba763892e9739edbf6c0e40a4dc57b4

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		74 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
eddcc5cab84e5e1b180f53219397eb8519eb4de0c0e4911db2abe838ef29fd03

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		77 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=472096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
2d4fbf5b6c9b115d1a0c5afb70d570151070cbaec743985b8a6e66b1aee63fa1

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
bid
aax.amazon-adsystem.com/e/dtb/ 		127 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F&pid=hr0zBgC6hdH9a&cb=0&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-2827824%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-2827002%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-2827005%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.23.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-23-201.iad12.r.cloudfront.net
Software
Server /
Resource Hash
1b29af82ad757fab4ab348e30008412ea6380c49637bff2366212fbd7d6ea236
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:20 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 eb8674b99d3dfcc6867fb20af353442a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-amz-rid
H47YR2CYJ05XBYTK94WK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
127
x-amz-cf-id
dxJBUY8dFqh8M2bXGHSXRgHm7BzushMchdR27iFNsZczFrduf417dA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-71.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 09 Nov 2023 09:08:23 GMT
Via
1.1 acb5e0138f17ffe7929a4d64a50c4a24.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD79-C1
Age
24777
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
uzm_4V0Gqm7oWlI_fURrdj21mxj0bmESYL7WAAW7gll0apGKWwmgXQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		147 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:47:12 GMT
server
cloudflare
x-amz-request-id
QG0EZ7ZAZNRA5XR6
age
1360
etag
W/"c129d5681852fdb4346e144820aba0c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
823746139c9aa23a-YYZ
x-amz-id-2
cs5TLgqrB7nxAfP8ZZwJrL8NM7bE9YUpuX5Nr8cU1Hka2/n1g8Xx4NH/F8UzJIxj7eOgk5upNzQ=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:37:06 GMT
content-encoding
gzip
age
2053438
x-guploader-uploadid
ADPycdtHo1Jwqxjn4N9nGhpnf4IKPmjt5SB04-GnMjQabLteBpXXoZcMbRIlASopK0kvsrJE9zlLPG3BcAG7IerJOct1Qcr84p0m
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 15 Oct 2024 21:37:06 GMT
m=W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L... Frame AD3A 		128 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L.B1.O/am=EIY0/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI58Rmu1oGubXx7AZXnXLSrc32zYQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
94f4391231c7017c7b3ca3ac3e2347d46f61562979c0fff52c0b1ed7bd191b74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43986
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 21:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 15:57:04 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L... Frame AD3A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L.B1.O/am=EIY0/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI58Rmu1oGubXx7AZXnXLSrc32zYQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
888965523fdb6625c141134ac6607f96a9162eecfd4055751370f0d6e249f088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:46:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1819
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 21:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 15:46:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 Nov 2023 16:01:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
mMd5jiYbG3bXl+Xj7JnrsL6LeQsidVFF79Z0PBTmnHtaBPhCwYJ9Uy/DZCqRwOAw689FmcVry+1mGJrSOnjFbg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		206 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
42bfa84a9a1eaa20f1b08dc0e4979611311d2381155a1c7da5170f7a55000086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75354
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 16:01:04 GMT
js
www.googletagmanager.com/gtag/ 		206 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6086afbf333f1fbebe5a1badd8969949561253901a871d956263b9b7c3f5268f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75304
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 16:01:04 GMT
js
www.googletagmanager.com/gtag/ 		179 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10230056
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bc11a14fb7bab54ef611f95e8907b23ba3984fc9ad785e5cbea7f900a0c49d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67164
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 16:01:04 GMT
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
67999af8cf3192a110c9ea04c5cebfe462ca1f97fa462698b01255522909044b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67090
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 16:01:04 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:19 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kiad7000159-IAD
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.218.181 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-218-218-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c6d603c605c9e07062ffeba7c47a81e19c4f8c05604c6474371f4ad8b654c758
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 07:18:39 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=46426
accept-ranges
bytes
content-length
3840
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 09 Nov 2023 16:01:04 GMT
last-modified
Fri, 20 Oct 2023 01:13:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8412B9FA509947AEA01E9070062ABCDD Ref B: CHGEDGE1718 Ref C: 2023-11-09T16:01:05Z
etag
"0125f9ff22da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13079
core.js
s.pinimg.com/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7dd8a324294b0b2f35794fcf3c8d92f192fc0f33bdd632409da909a537ddce8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"8c377a173209947cfb4f5c278ce43060"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1798
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.150.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-150-3.iad89.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 11:47:56 GMT
Via
1.1 077b94dab77b8114aebf503be197d7d8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-C3
Age
15194
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
e67aOQLHDi_ZAFbDEnSw6Yqqm5RhubSuLyNFKNCldTJLjnP1HmI2Ww==
Expires
Fri, 10 Nov 2023 11:47:50 GMT
RC1289467d874c4cbb843522741b710d36-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		644 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RC1289467d874c4cbb843522741b710d36-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd2b54f01332bcc1035c71f1750b16c35a30616d8926a6cc856208de7af1d1ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:08 GMT
x-amz-version-id
ku896RX.K3p9whuOCRhggchxHDV6Ba2l
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 15:32:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
1617
etag
"f45e004e77665aa52d42de0faa9afbee"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
644
x-amz-cf-id
rUWV-aFcQWLG6fEMG7kTN2HF4D5-o9M0wH8f7bG5SA1QEFlGxwz1yw==
collect
analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je3b60v887101457z8861227858&_p=1699545663574&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=794087290.1699545665&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&dl=https%3A%2F%2Fwww.thestar.com%2F&sid=1699545664&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.thestar.com%2F&ep.townnews_crm_group_id=848&ep.generator=BLOX&ep.generator_version=1.71.7&tfd=1289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=794087290.1699545665&gtm=45je3b60v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=794087290.1699545665&gtm=45je3b60v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1&z=364985978
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
8wBdC1fvjthSTrFspxDO4VzVvdAFdrfL
content-encoding
br
via
1.1 3ebe5e903d733a5e00724b1dfdba02bc.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 13:50:48 GMT
x-amz-cf-pop
IAD79-C3
age
7818
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 09 Oct 2023 16:01:47 GMT
server
AmazonS3
etag
W/"b1f2fbddf3135863ad45acc993d27497"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
aYhHlxj5Gkx3_NJziqAmEB8OcR9Esmd4C0wCdB1IWtJxMiym3Ygu0w==
m=LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L... Frame AD3A 		236 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L.B1.O/am=EIY0/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI58Rmu1oGubXx7AZXnXLSrc32zYQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 21:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 14:01:17 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L... Frame AD3A 		1 KB
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L.B1.O/am=EIY0/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI58Rmu1oGubXx7AZXnXLSrc32zYQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
045343509abacbc00f8ea3b833be387f99ee2f2d14b3be1e76cc2a76f2ae0d9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
715
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 21:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 15:00:35 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L... Frame AD3A 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L.B1.O/am=EIY0/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI58Rmu1oGubXx7AZXnXLSrc32zYQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
0fd311a7c211ca8561ab85c9491d9d5e5b0c1efa52c2187881fccc208a870eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6434
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 21:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 15:15:10 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thestar.com%2F&rid=esp&cc=1
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2d6c28acd623695660f4aa9985cd7b8586cac0e8d10697d23bb05f4b1686ab4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-hBfyMsTupr6M8Pd69YyKugFnlf0"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 09 Nov 2023 16:01:04 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.thestar.com
location
/esp?url=https%3A%2F%2Fwww.thestar.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
RCf9fbf93615df4b4aa748e2328a706496-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RCf9fbf93615df4b4aa748e2328a706496-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
477fb1725dbbf36ecea68082b558ee6cb863ef2516d93e969fc262193d60cc31

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:09 GMT
x-amz-version-id
0Wqa7_Jcq58USlWU8yX_g81HkG.pGZbW
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 15:32:12 GMT
server
AmazonS3
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
etag
W/"a2e23ad6f57c9628640ba52216c7107f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
1616
x-amz-cf-id
c28V0qTgkZf3MmWvYER4m1gkzbJVJvGmwUBPegNV9JizcUzZeh9CvQ==
RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/ 		621 B
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/315501dc6a8f/RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-86.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d26d0d95e85b51179f6290ce2330913bddf874174104c5cf46b6c95f07be1972

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:34:09 GMT
x-amz-version-id
6eCngVr_XVwNFHf2ocgkL8HsDyUWHNgi
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 15:32:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
1616
etag
"9bca0f1943319c69ab1f76ab5822754a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
621
x-amz-cf-id
bOMXrg746STHjieasl_-GWu9rDHWpDF0WIFKYHZVifgjg13YpaDywQ==
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame AD3A 		157 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=3392051643402881568&bl=boq_subscribewithgoogleclientserver_20231107.08_p1&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=28865&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
ESF /
Resource Hash
f0cddd10894ab2aad1138f7cb5ce8597c7be4509e6b926499dbc09f0531ce9b4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f101.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
segment
api.permutive.com/adv/v2/ 		14 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:04 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L... Frame AD3A 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.mY2aMIxv-wY.L.B1.O/am=EIY0/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI58Rmu1oGubXx7AZXnXLSrc32zYQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
5058b699155066f02bf0e60da5abb4c6a5284d0bd6a07b8c9ec51bbed7e11f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37122
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 21:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 15:13:58 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:00:12 GMT
content-encoding
gzip
via
1.1 f03ced384777449538f7af55da0e2760.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
52175
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
KJo9buWsWNhXC0UUrct8pFUu8HctsybAPTTe3CJFdJUOjae4t8W8Zw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1699545664622&cv=11&fst=1699545664622&bg=ffffff&guid=ON&async=1&gtm=45be3b60v867836103&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F&hn=www.googleadservices.com&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&auid=904992635.1699545664&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
820babb5881aa4781dc2371b14e05790d8d34e36ce9492a0e9ae76760dd386ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
10230056.fls.doubleclick.net/ Frame 2303
Redirect Chain
  • https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
  • https://10230056.fls.doubleclick.net/activityi;dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;u...
468 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10230056.fls.doubleclick.net/activityi;dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f148.1e100.net
Software
cafe /
Resource Hash
6343d35b0d4623c749d1adf4b408899990ed9461f512292524cb57c0b8d1130a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
270
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:05 GMT
expires
Thu, 09 Nov 2023 16:01:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10230056.fls.doubleclick.net/activityi;dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=668087409&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAQCACAAI~&jid=2111664841&gjid=119958302&cid=794087290.1699545665&tid=UA-54716522-7&_gid=667537596.1699545665&_slc=1&gtm=45He3b60n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.thestar.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=845&gcd=11l1l1l1l1&dma=0&z=661632573
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=794087290.1699545665&jid=2111664841&gjid=119958302&_gid=667537596.1699545665&_u=YCDAgUABAAQCAGAAI~&z=1126958707
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 09 Nov 2023 16:01:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 09 Nov 2023 16:01:05 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame AD3A 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ZTiHVC3WGrU.es5.O/am=EIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4vagfNrXLQjVrDxfQg4-OwiHLxUQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 16:01:05 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.218.181 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-218-218-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
313
date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 15 Oct 2023 08:32:45 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=79477
accept-ranges
bytes
content-length
3272
pd
google-bidout-d.openx.net/w/1.0/ Frame 80C0 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 09 Nov 2023 16:01:05 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1699545664742&url=https%3A%2F%2Fwww.thestar.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1699545664742&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1699545664742%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1699545664742&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true&liSync=true
0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1699545664742&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true&liSync=true
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 78C257AC64414E32850AC53DF574148B Ref B: YTO01EDGE0511 Ref C: 2023-11-09T16:01:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJuk+r055JNP0HFls3Vw==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Thu, 09 Nov 2023 16:01:04 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYJuk+p7rL3Wq9T8v/BYw==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2C176CA5E7354D72B854C40885ACD44B Ref B: YTO01EDGE0511 Ref C: 2023-11-09T16:01:05Z
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1699545664742&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
thirdpartycookie
api.viafoura.co/v2/www.thestar.com/ 		45 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.69.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-69-123.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-instance-id
i-0d766d538e313001b
pragma
no-cache
date
Thu, 09 Nov 2023 16:01:04 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Thu, 09 Nov 2023 16:01:04 GMT
intl-messageformat.28ab313de63c0630239f.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.28ab313de63c0630239f.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-85.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0cc56e49ecff33f35ae493afe098a3e219dc5cc9c880795c55b0fb2684d13c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:26:58 GMT
x-amz-version-id
mi8g9Lks5eMQLGDznX.tlRNXgZ.wKywL
content-encoding
br
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
2047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 Nov 2023 15:26:06 GMT
server
AmazonS3
etag
W/"9dc8376d6530d28ed154f879451e953a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
dv2UJka9TqcPZADad1bfefJJLnT64MabYY9qkUu9_UzIKrVMBg4T_g==
intl-messageformat.1a1cdfc05ff7935c9501.js
cdn.viafoura.net/chunks/languages/ 		135 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.1a1cdfc05ff7935c9501.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-85.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fab3a5b45c07012708c6ad1649345d90396f7be12a822c5bb68f2ecb88d429bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:26:59 GMT
x-amz-version-id
ujB56wlkxp0cUE98bdRg5Zh4Khr5US8x
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
2046
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 09 Nov 2023 15:26:15 GMT
server
AmazonS3
etag
"ab246a0b09ca785a5a04858030afba86"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
hZa4G6cxyLRKgjKjWme9zn19XFGQB8fVww4JFRFmMrbQK4ORQXAlpA==
en-us-base-json.065890a89aef0e73d352.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.065890a89aef0e73d352.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-85.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9392fa59d0748d155f566eae1218e64a9e83c12cefe064f15fe7830e569e9291

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:26:58 GMT
x-amz-version-id
dVt_Sur.Cg6IOd9nOqH4e70m_L9iYGUP
content-encoding
br
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
2047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 Nov 2023 15:26:09 GMT
server
AmazonS3
etag
W/"f62a7f2460cbea14f92c96b29a21115e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
mKa76vXuyJOLQEFpjQpnEVAZVkIpAEjRW31fRL_3lrXi2FdY_mwnbg==
ingest
i.viafoura.co/v3/www.thestar.com/ 		67 B
392 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/www.thestar.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.218.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-218-221.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Thu, 09 Nov 2023 16:01:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.js
cdn.parsely.com/keys/thestar.com/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/thestar.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.131.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-131-58.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
public
date
Thu, 09 Nov 2023 09:07:04 GMT
content-encoding
gzip
via
1.1 e88b34dd0e6a8e6f16f12ba472ae0c12.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 01:41:35 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
24904
etag
W/"62b5164f-12236"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
bcU044_Su8hhgz0Uf39Y-M5aBkwjReeb8GruPg2z3fHOS2yo92aNAg==
expires
Fri, 10 Nov 2023 09:06:01 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699545665011&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699545665011&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699545665011&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 f03ced384777449538f7af55da0e2760.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P5
x-amz-cf-id
CNkBIAVl35jIusN45Ro0bxoZ1HNbjNxoxrd4FqslL2W1eI1lXyJAsw==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 f03ced384777449538f7af55da0e2760.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699545665011&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=
content-length
0
x-amz-cf-id
m6veMF9dK_KsgEdo4yH-p8ch08uqN3fuZtkebDzIxRRclL5FbqkBrQ==
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
8a90b0671824ba6a611cc2355c410362feb93c4ed36054eacd93374f9c9f91a0

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
/
www.google.com/pagead/1p-user-list/698108511/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/698108511/?random=1699545664622&cv=11&fst=1699545600000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v867836103&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNy934woAWeS57rqtZteibmlON3Cv3dg&random=2868859933&rmt_tld=0&ipr=y
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/698108511/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/698108511/?random=1699545664622&cv=11&fst=1699545600000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v867836103&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNy934woAWeS57rqtZteibmlON3Cv3dg&random=2868859933&rmt_tld=1&ipr=y
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1699545665525&plid=8033988&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22%22%2C%22janrain_uuid%22%3A%22%22%2C%22site_level_uuid%22%3A%22%22%2C%22hub_level_uuid%22%3A%22%22%2C%22adobe_mcid%22%3A%2223253054339528186421510781647711301545%22%2C%22word_count%22%3A%22%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11046%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F&sref=&sts=1699545665518&slts=0&title=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&date=Thu+Nov+09+2023+08%3A01%3A05+GMT-0800+(Pacific+Standard+Time)&action=pageview&js=1&pvid=20364805&u=pid%3Da85c6559b7a0b80feb8a53954fc812ec
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:06 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 09-Nov-2023 16:01:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
13008914.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/13008914.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 09 Nov 2023 16:01:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FF7B9B5DFD5949438B537D87892B4782 Ref B: CHGEDGE1718 Ref C: 2023-11-09T16:01:05Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=68852044-2db1-4760-b9f8-6f2a75f67269&sid=304938a07f1911ee9743efe96d630378&vid=304942c07f1911eeb76dff5dd28ba98a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&kw=toronto%20star&p=https%3A%2F%2Fwww.thestar.com%2F&r=&lt=942&evt=pageLoad&sv=1&rn=637305
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Nov 2023 16:01:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 62306B023150453AA888F79D87E59500 Ref B: CHGEDGE1718 Ref C: 2023-11-09T16:01:05Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
s57332499522644
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.24.0-LDQM/ 		43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.24.0-LDQM/s57332499522644?AQB=1&ndh=1&pf=1&t=9%2F10%2F2023%208%3A1%3A5%204%20480&mid=23253054339528186421510781647711301545&aamlh=7&ce=UTF-8&ns=torstardigital&cdp=2&fpCookieDomainPeriods=2&pageName=thestar%7Chome&g=https%3A%2F%2Fwww.thestar.com%2F&cc=CAD&ch=home&server=thestar.com&events=event72&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=D%3D%2B%22thestar%7C%22%2Bh2&c2=home&h2=home&c4=D%3Dg&v4=D%3Dg&c9=breaking%20news%20-%20headlines%20%26%20top%20stories%20%7C%20the%20star&v15=landscape&v16=standard-web-experience&c18=no&c19=D%3Dserver&c24=desktop&c26=not-specified&v29=https%3A%2F%2Fwww.thestar.com%2F&c43=toronto&v49=D%3DpageName&c51=no-adblock-detected&c55=D%3Dmid&c56=no&c57=home&c70=D%3Dserver&v71=94ab1e00-0ed2-4c9e-8671-02c84d1687ad&v79=no&v80=no&v83=no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&AQE=1
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.219 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-219.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 10 Nov 2023 16:01:05 GMT
server
jag
etag
3649746526030528512-4617509241611624254
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 08 Nov 2023 16:01:05 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2498&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=6&jsfv=nbc&ts=1699545665784&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&fst=1699545664383&fstr=1156&pt=1&cl=1338&w=Recommended&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2F3-charged-with-running-sex-ring-that-catered-to-elected-officials-other-wealthy-clients%2Farticle_44bb5006-ce9c-5f8e-a903-a61ef1587f13.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fquebec-mayor-23-resigns-mid-mandate-because-of-burnout-from-managing-forest-fires%2Farticle_41bccda0-fa54-58b0-96c4-748ee94d1756.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fthe-buffy-sainte-marie-bombshell-has-been-devastating-i-fear-some-of-this-may-be%2Farticle_75dab525-9e5d-57e4-9ff3-d0137699b7f7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-wife-got-drunk-at-an-engagement-party-and-made-a-complete-fool-of-herself%2Farticle_ae716a49-9fbf-5d1d-b39e-7f9146fe6212.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhere-s-the-eric-lindros-trade-the-maple-leafs-never-made-with-the-nordiques%2Farticle_f36836e0-68d4-50b7-8aad-7c524f5fd34f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fbusinessman-sentenced-in-180-million-bank-fraud-that-paid-for-lavish-lifestyle-classic-cars%2Farticle_b926c65a-9100-527d-a8cf-226bc68ddf7a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fwhy-the-maple-leafs-new-guys-are-already-on-thin-ice-with-coach-sheldon-keefe%2Farticle_8cddc4d6-2227-5f92-90eb-d6a53f3617b2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fthis-drug-was-hailed-as-a-covid-game-changer-heres-what-we-know-about-paxlovid%2Farticle_3ce38364-09e6-5b79-9edc-cbdb8aec8865.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fstruggling-senators-score-three-times-in-the-3rd-period-to-down-leaky-maple-leafs-6%2Farticle_530983c0-c476-58a7-bb0e-5783a28f6d5e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fcolorado-funeral-home-stockpiled-bodies-for-4-years-police-say%2Farticle_f0378baa-8130-52c0-9a78-7ee687c0c597.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fwhy-sophie-gr-goire-trudeau-s-personal-life-is-under-the-microscope-again%2Farticle_6d416a8d-4fda-553e-8574-42131084d7ec.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Freal-estate%2Ftoronto-area-buyers-are-walking-away-from-deposits-on-new-homes-some-losing-as-much%2Farticle_db451c58-5c4b-5269-8510-17095d5496e1.html%22%5D&usedJS=19300000&totalJS=23100000&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2506&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=6&jsfv=nbc&ts=1699545665786&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=Recommended&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2F3-charged-with-running-sex-ring-that-catered-to-elected-officials-other-wealthy-clients%2Farticle_44bb5006-ce9c-5f8e-a903-a61ef1587f13.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fquebec-mayor-23-resigns-mid-mandate-because-of-burnout-from-managing-forest-fires%2Farticle_41bccda0-fa54-58b0-96c4-748ee94d1756.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fthe-buffy-sainte-marie-bombshell-has-been-devastating-i-fear-some-of-this-may-be%2Farticle_75dab525-9e5d-57e4-9ff3-d0137699b7f7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-wife-got-drunk-at-an-engagement-party-and-made-a-complete-fool-of-herself%2Farticle_ae716a49-9fbf-5d1d-b39e-7f9146fe6212.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhere-s-the-eric-lindros-trade-the-maple-leafs-never-made-with-the-nordiques%2Farticle_f36836e0-68d4-50b7-8aad-7c524f5fd34f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fbusinessman-sentenced-in-180-million-bank-fraud-that-paid-for-lavish-lifestyle-classic-cars%2Farticle_b926c65a-9100-527d-a8cf-226bc68ddf7a.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2F3-charged-with-running-sex-ring-that-catered-to-elected-officials-other-wealthy-clients%2Farticle_44bb5006-ce9c-5f8e-a903-a61ef1587f13.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fquebec-mayor-23-resigns-mid-mandate-because-of-burnout-from-managing-forest-fires%2Farticle_41bccda0-fa54-58b0-96c4-748ee94d1756.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fthe-buffy-sainte-marie-bombshell-has-been-devastating-i-fear-some-of-this-may-be%2Farticle_75dab525-9e5d-57e4-9ff3-d0137699b7f7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-wife-got-drunk-at-an-engagement-party-and-made-a-complete-fool-of-herself%2Farticle_ae716a49-9fbf-5d1d-b39e-7f9146fe6212.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhere-s-the-eric-lindros-trade-the-maple-leafs-never-made-with-the-nordiques%2Farticle_f36836e0-68d4-50b7-8aad-7c524f5fd34f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fbusinessman-sentenced-in-180-million-bank-fraud-that-paid-for-lavish-lifestyle-classic-cars%2Farticle_b926c65a-9100-527d-a8cf-226bc68ddf7a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fwhy-the-maple-leafs-new-guys-are-already-on-thin-ice-with-coach-sheldon-keefe%2Farticle_8cddc4d6-2227-5f92-90eb-d6a53f3617b2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fthis-drug-was-hailed-as-a-covid-game-changer-heres-what-we-know-about-paxlovid%2Farticle_3ce38364-09e6-5b79-9edc-cbdb8aec8865.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fstruggling-senators-score-three-times-in-the-3rd-period-to-down-leaky-maple-leafs-6%2Farticle_530983c0-c476-58a7-bb0e-5783a28f6d5e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fcolorado-funeral-home-stockpiled-bodies-for-4-years-police-say%2Farticle_f0378baa-8130-52c0-9a78-7ee687c0c597.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fwhy-sophie-gr-goire-trudeau-s-personal-life-is-under-the-microscope-again%2Farticle_6d416a8d-4fda-553e-8574-42131084d7ec.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Freal-estate%2Ftoronto-area-buyers-are-walking-away-from-deposits-on-new-homes-some-losing-as-much%2Farticle_db451c58-5c4b-5269-8510-17095d5496e1.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2506&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=6&jsfv=nbc&ts=1699545665787&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=Recommended&source=LI&st=2506&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2F3-charged-with-running-sex-ring-that-catered-to-elected-officials-other-wealthy-clients%2Farticle_44bb5006-ce9c-5f8e-a903-a61ef1587f13.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fquebec-mayor-23-resigns-mid-mandate-because-of-burnout-from-managing-forest-fires%2Farticle_41bccda0-fa54-58b0-96c4-748ee94d1756.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fthe-buffy-sainte-marie-bombshell-has-been-devastating-i-fear-some-of-this-may-be%2Farticle_75dab525-9e5d-57e4-9ff3-d0137699b7f7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-wife-got-drunk-at-an-engagement-party-and-made-a-complete-fool-of-herself%2Farticle_ae716a49-9fbf-5d1d-b39e-7f9146fe6212.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhere-s-the-eric-lindros-trade-the-maple-leafs-never-made-with-the-nordiques%2Farticle_f36836e0-68d4-50b7-8aad-7c524f5fd34f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fbusinessman-sentenced-in-180-million-bank-fraud-that-paid-for-lavish-lifestyle-classic-cars%2Farticle_b926c65a-9100-527d-a8cf-226bc68ddf7a.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2511&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=12&jsfv=nbc&ts=1699545665787&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&fst=1699545664383&fstr=1156&pt=1&cl=1353&w=business&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Frogers-targets-low-income-canadian-market-with-new-25-plan-including-a-free-5g-phone%2Farticle_58c147e2-b870-591f-abbc-07b031a014ca.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal-finance%2Fusing-a-high-interest-savings-account-a-money-market-mutual-fund-can-earn-you-more%2Farticle_be529331-55a3-569f-af24-5a9b5d9c153e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Ftax-avoidance-canadian-companies-transferred-120b-to-luxembourg-study-says%2Farticle_03d3d0d6-2bb9-5030-b146-ec33b3269226.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fthis-is-a-huge-blow-toronto-s-empty-office-space-crisis-worsens-as-wework-teeters%2Farticle_4cafa21c-1a90-5965-8a21-87c76d7e29c5.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcrtc-allows-smaller-internet-companies-to-sell-service-over-telecoms-fibre-networks%2Farticle_37d2611b-85c6-5126-81f8-f0c674d54177.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcanadian-restaurants-struggle-to-survive-as-survey-finds-diners-turning-away-from-skyrocketing-menu-prices%2Farticle_0f3c4267-018d-5ed0-a109-80a107ce685b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Ftoronto-area-workers-must-make-at-least-25-an-hour-for-a-living-wage-report%2Farticle_7017c433-fc8e-5bc9-aabe-7d6a6f03efe7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Ftoronto-s-wnba-dream-was-dead-months-before-the-exhibition-game-the-inside-story-of%2Farticle_af55381b-d4a2-5ffb-94be-09c62df1e5a4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Friocan-reit-pauses-new-construction-starts-amid-high-interest-rates%2Farticle_e1230754-5c24-56c2-bad1-d2cdfd89f632.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fwework-seeks-bankruptcy-protection-a-stunning-fall-for-a-firm-once-valued-at-close-to%2Farticle_f40aff4e-05e2-5050-870e-8e378f622f97.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpandemic-buyers-struggling-to-unload-cottages-some-slashing-prices-by-as-much-as-200-000%2Farticle_5a030040-8521-5691-8b26-2b1342a2b3b6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fyour-canada-pension-payout-is-about-to-improve-but-it-will-cost-you-up-front%2Farticle_e68392a6-5bbd-5ec1-9f14-5cfb4cafbcbe.html%22%5D&usedJS=19300000&totalJS=23100000&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2515&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=12&jsfv=nbc&ts=1699545665787&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=business&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Frogers-targets-low-income-canadian-market-with-new-25-plan-including-a-free-5g-phone%2Farticle_58c147e2-b870-591f-abbc-07b031a014ca.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal-finance%2Fusing-a-high-interest-savings-account-a-money-market-mutual-fund-can-earn-you-more%2Farticle_be529331-55a3-569f-af24-5a9b5d9c153e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Ftax-avoidance-canadian-companies-transferred-120b-to-luxembourg-study-says%2Farticle_03d3d0d6-2bb9-5030-b146-ec33b3269226.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fthis-is-a-huge-blow-toronto-s-empty-office-space-crisis-worsens-as-wework-teeters%2Farticle_4cafa21c-1a90-5965-8a21-87c76d7e29c5.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcrtc-allows-smaller-internet-companies-to-sell-service-over-telecoms-fibre-networks%2Farticle_37d2611b-85c6-5126-81f8-f0c674d54177.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcanadian-restaurants-struggle-to-survive-as-survey-finds-diners-turning-away-from-skyrocketing-menu-prices%2Farticle_0f3c4267-018d-5ed0-a109-80a107ce685b.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Frogers-targets-low-income-canadian-market-with-new-25-plan-including-a-free-5g-phone%2Farticle_58c147e2-b870-591f-abbc-07b031a014ca.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal-finance%2Fusing-a-high-interest-savings-account-a-money-market-mutual-fund-can-earn-you-more%2Farticle_be529331-55a3-569f-af24-5a9b5d9c153e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Ftax-avoidance-canadian-companies-transferred-120b-to-luxembourg-study-says%2Farticle_03d3d0d6-2bb9-5030-b146-ec33b3269226.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fthis-is-a-huge-blow-toronto-s-empty-office-space-crisis-worsens-as-wework-teeters%2Farticle_4cafa21c-1a90-5965-8a21-87c76d7e29c5.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcrtc-allows-smaller-internet-companies-to-sell-service-over-telecoms-fibre-networks%2Farticle_37d2611b-85c6-5126-81f8-f0c674d54177.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcanadian-restaurants-struggle-to-survive-as-survey-finds-diners-turning-away-from-skyrocketing-menu-prices%2Farticle_0f3c4267-018d-5ed0-a109-80a107ce685b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Ftoronto-area-workers-must-make-at-least-25-an-hour-for-a-living-wage-report%2Farticle_7017c433-fc8e-5bc9-aabe-7d6a6f03efe7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Ftoronto-s-wnba-dream-was-dead-months-before-the-exhibition-game-the-inside-story-of%2Farticle_af55381b-d4a2-5ffb-94be-09c62df1e5a4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Friocan-reit-pauses-new-construction-starts-amid-high-interest-rates%2Farticle_e1230754-5c24-56c2-bad1-d2cdfd89f632.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fwework-seeks-bankruptcy-protection-a-stunning-fall-for-a-firm-once-valued-at-close-to%2Farticle_f40aff4e-05e2-5050-870e-8e378f622f97.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpandemic-buyers-struggling-to-unload-cottages-some-slashing-prices-by-as-much-as-200-000%2Farticle_5a030040-8521-5691-8b26-2b1342a2b3b6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fyour-canada-pension-payout-is-about-to-improve-but-it-will-cost-you-up-front%2Farticle_e68392a6-5bbd-5ec1-9f14-5cfb4cafbcbe.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2515&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=12&jsfv=nbc&ts=1699545665787&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=business&source=LI&st=2515&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Frogers-targets-low-income-canadian-market-with-new-25-plan-including-a-free-5g-phone%2Farticle_58c147e2-b870-591f-abbc-07b031a014ca.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal-finance%2Fusing-a-high-interest-savings-account-a-money-market-mutual-fund-can-earn-you-more%2Farticle_be529331-55a3-569f-af24-5a9b5d9c153e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Ftax-avoidance-canadian-companies-transferred-120b-to-luxembourg-study-says%2Farticle_03d3d0d6-2bb9-5030-b146-ec33b3269226.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fthis-is-a-huge-blow-toronto-s-empty-office-space-crisis-worsens-as-wework-teeters%2Farticle_4cafa21c-1a90-5965-8a21-87c76d7e29c5.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcrtc-allows-smaller-internet-companies-to-sell-service-over-telecoms-fibre-networks%2Farticle_37d2611b-85c6-5126-81f8-f0c674d54177.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcanadian-restaurants-struggle-to-survive-as-survey-finds-diners-turning-away-from-skyrocketing-menu-prices%2Farticle_0f3c4267-018d-5ed0-a109-80a107ce685b.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2518&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=14&jsfv=nbc&ts=1699545665788&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&fst=1699545664383&fstr=1156&pt=1&cl=1360&w=canada&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fthis-drug-was-hailed-as-a-covid-game-changer-heres-what-we-know-about-paxlovid%2Farticle_3ce38364-09e6-5b79-9edc-cbdb8aec8865.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fwinnipeg-woman-sues-tim-hortons-alleging-cream-in-tea-led-to-hospitalization%2Farticle_8e56a12a-189e-5a73-ae97-068a6da21195.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fbus-carrying-crew-for-shania-twain-concert-crashes-on-icy-highway-in-saskatchewan%2Farticle_a5e5ca0e-aaf7-5116-8697-e0278a362d05.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fontario-s-registered-nurses-are-getting-new-prescribing-powers-and-some-doctors-aren-t-happy%2Farticle_d014ce66-6176-5a45-ba7b-77a736171690.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Froundabout-design-will-cost-c-k-400k-alone%2Farticle_36aaeba7-9a89-5c56-accc-79ad55767e5d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Ftucker-carlson-to-meet-with-alberta-premier-danielle-smith-for-live-show-in-calgary%2Farticle_c5f4120f-9d93-56e9-a9da-7399338ea800.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcrown-and-defence-say-driver-should-serve-3-years-after-killing-two-ubc-students%2Farticle_5e4e4382-db23-5951-8e82-d8bce5e9a9e1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fin-the-news-for-today-gaza-bombardment-overnight-hits-close-to-hospital%2Farticle_19dda46e-9949-5cf2-aecf-731079d342c6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Ftoronto-star-owner-publisher-jordan-bitove-among-the-26-new-appointees-to-order-of-ontario%2Farticle_eaa51b3d-21ac-55fa-ad03-afc905204636.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Findigenous-soldiers-determined-to-carry-on-family-legacies%2Farticle_0225d68c-c8e4-557e-ab9e-a083218105f0.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fontario-hospitals-warn-stolen-patient-employee-data-may-be-published%2Farticle_09f40060-ff60-547e-acb6-436254ecde43.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fontario-agrees-to-give-some-teachers-education-workers-retroactive-salary-bumps%2Farticle_91d8a251-424c-598c-a73e-a8f84465150a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F18-mzos-given-to-developers-who-were-guests-at-premier-fords-family-wedding-ndp%2Farticle_42e7fe97-dc01-517f-a953-3d5c2194eb1b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fmany-veterinarians-in-canada-are-facing-extreme-burnout-and-declining-mental-health%2Farticle_4f100dc9-6a3c-5b17-8f45-655bc563b613.html%22%5D&usedJS=19300000&totalJS=23100000&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2522&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=14&jsfv=nbc&ts=1699545665788&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=canada&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fthis-drug-was-hailed-as-a-covid-game-changer-heres-what-we-know-about-paxlovid%2Farticle_3ce38364-09e6-5b79-9edc-cbdb8aec8865.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fwinnipeg-woman-sues-tim-hortons-alleging-cream-in-tea-led-to-hospitalization%2Farticle_8e56a12a-189e-5a73-ae97-068a6da21195.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fbus-carrying-crew-for-shania-twain-concert-crashes-on-icy-highway-in-saskatchewan%2Farticle_a5e5ca0e-aaf7-5116-8697-e0278a362d05.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fontario-s-registered-nurses-are-getting-new-prescribing-powers-and-some-doctors-aren-t-happy%2Farticle_d014ce66-6176-5a45-ba7b-77a736171690.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Froundabout-design-will-cost-c-k-400k-alone%2Farticle_36aaeba7-9a89-5c56-accc-79ad55767e5d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Ftucker-carlson-to-meet-with-alberta-premier-danielle-smith-for-live-show-in-calgary%2Farticle_c5f4120f-9d93-56e9-a9da-7399338ea800.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcrown-and-defence-say-driver-should-serve-3-years-after-killing-two-ubc-students%2Farticle_5e4e4382-db23-5951-8e82-d8bce5e9a9e1.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fthis-drug-was-hailed-as-a-covid-game-changer-heres-what-we-know-about-paxlovid%2Farticle_3ce38364-09e6-5b79-9edc-cbdb8aec8865.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fwinnipeg-woman-sues-tim-hortons-alleging-cream-in-tea-led-to-hospitalization%2Farticle_8e56a12a-189e-5a73-ae97-068a6da21195.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fbus-carrying-crew-for-shania-twain-concert-crashes-on-icy-highway-in-saskatchewan%2Farticle_a5e5ca0e-aaf7-5116-8697-e0278a362d05.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fontario-s-registered-nurses-are-getting-new-prescribing-powers-and-some-doctors-aren-t-happy%2Farticle_d014ce66-6176-5a45-ba7b-77a736171690.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Froundabout-design-will-cost-c-k-400k-alone%2Farticle_36aaeba7-9a89-5c56-accc-79ad55767e5d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Ftucker-carlson-to-meet-with-alberta-premier-danielle-smith-for-live-show-in-calgary%2Farticle_c5f4120f-9d93-56e9-a9da-7399338ea800.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcrown-and-defence-say-driver-should-serve-3-years-after-killing-two-ubc-students%2Farticle_5e4e4382-db23-5951-8e82-d8bce5e9a9e1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fin-the-news-for-today-gaza-bombardment-overnight-hits-close-to-hospital%2Farticle_19dda46e-9949-5cf2-aecf-731079d342c6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Ftoronto-star-owner-publisher-jordan-bitove-among-the-26-new-appointees-to-order-of-ontario%2Farticle_eaa51b3d-21ac-55fa-ad03-afc905204636.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Findigenous-soldiers-determined-to-carry-on-family-legacies%2Farticle_0225d68c-c8e4-557e-ab9e-a083218105f0.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fontario-hospitals-warn-stolen-patient-employee-data-may-be-published%2Farticle_09f40060-ff60-547e-acb6-436254ecde43.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fontario-agrees-to-give-some-teachers-education-workers-retroactive-salary-bumps%2Farticle_91d8a251-424c-598c-a73e-a8f84465150a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F18-mzos-given-to-developers-who-were-guests-at-premier-fords-family-wedding-ndp%2Farticle_42e7fe97-dc01-517f-a953-3d5c2194eb1b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fmany-veterinarians-in-canada-are-facing-extreme-burnout-and-declining-mental-health%2Farticle_4f100dc9-6a3c-5b17-8f45-655bc563b613.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2522&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=14&jsfv=nbc&ts=1699545665788&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=canada&source=LI&st=2522&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fthis-drug-was-hailed-as-a-covid-game-changer-heres-what-we-know-about-paxlovid%2Farticle_3ce38364-09e6-5b79-9edc-cbdb8aec8865.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fwinnipeg-woman-sues-tim-hortons-alleging-cream-in-tea-led-to-hospitalization%2Farticle_8e56a12a-189e-5a73-ae97-068a6da21195.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fbus-carrying-crew-for-shania-twain-concert-crashes-on-icy-highway-in-saskatchewan%2Farticle_a5e5ca0e-aaf7-5116-8697-e0278a362d05.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fontario-s-registered-nurses-are-getting-new-prescribing-powers-and-some-doctors-aren-t-happy%2Farticle_d014ce66-6176-5a45-ba7b-77a736171690.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Froundabout-design-will-cost-c-k-400k-alone%2Farticle_36aaeba7-9a89-5c56-accc-79ad55767e5d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Ftucker-carlson-to-meet-with-alberta-premier-danielle-smith-for-live-show-in-calgary%2Farticle_c5f4120f-9d93-56e9-a9da-7399338ea800.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcrown-and-defence-say-driver-should-serve-3-years-after-killing-two-ubc-students%2Farticle_5e4e4382-db23-5951-8e82-d8bce5e9a9e1.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2525&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=17&jsfv=nbc&ts=1699545665788&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&fst=1699545664383&fstr=1156&pt=1&cl=1368&w=politics&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fquebec-mayor-23-resigns-mid-mandate-because-of-burnout-from-managing-forest-fires%2Farticle_41bccda0-fa54-58b0-96c4-748ee94d1756.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftrudeau-government-s-climate-plan-for-2030-can-t-be-trusted-environment-commissioner-says%2Farticle_5545c47b-c934-5904-beaa-76ee26fee226.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fi-am-not-someone-else-s-product-female-veteran-blasts-mps-after-snub-at-parliamentary%2Farticle_5a1174a0-a59d-589d-8481-492454a5a000.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fliberal-leadership-candidates-bash-doug-ford-over-the-greenbelt-scandal%2Farticle_c1c4e435-d7c7-53ba-ac1d-978a2625830c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fjustin-trudeau-is-a-problem-for-his-party-and-even-if-he-quits-it-might%2Farticle_b793875d-ed4e-56e8-8e57-ee4f9cc6bd56.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fdefunding-cbc-would-be-devastating-to-news-in-rural-canada-network-president-warns%2Farticle_8c670adc-7800-5ce0-bf72-0d8f70d4298f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-fires-pc-veteran-from-metrolinx-board-after-she-criticizes-him%2Farticle_2ebbf070-4c26-56a6-b23a-70d43a076188.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fpeople-are-frustrated-high-stakes-byelection-comes-at-dramatic-time-in-ontario-politics%2Farticle_fb143e80-78f1-536f-baf4-58baf45d0bd6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Flocation-location-location-three-former-hells-angels-clubhouses-heading-for-sale%2Farticle_836ace49-b38e-5188-8d09-f7a172115d21.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fdocuments-reveal-why-rcmp-didn-t-pursue-criminal-probe-of-justin-trudeau-in-snc-lavalin%2Farticle_4cc03ad0-18ac-5e68-b4ba-edecf2f7897d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftrudeau-appears-at-news-conference-with-bandage-after-bumping-head%2Farticle_9c17964c-066a-5b79-b66c-dc52f7c9a089.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fontario-sen-ian-shugart-former-top-public-servant-dead-at-66%2Farticle_9b158e73-0367-5027-bd33-cbb2365b8f9b.html%22%5D&usedJS=19300000&totalJS=23100000&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2529&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=17&jsfv=nbc&ts=1699545665788&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=politics&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fquebec-mayor-23-resigns-mid-mandate-because-of-burnout-from-managing-forest-fires%2Farticle_41bccda0-fa54-58b0-96c4-748ee94d1756.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftrudeau-government-s-climate-plan-for-2030-can-t-be-trusted-environment-commissioner-says%2Farticle_5545c47b-c934-5904-beaa-76ee26fee226.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fi-am-not-someone-else-s-product-female-veteran-blasts-mps-after-snub-at-parliamentary%2Farticle_5a1174a0-a59d-589d-8481-492454a5a000.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fliberal-leadership-candidates-bash-doug-ford-over-the-greenbelt-scandal%2Farticle_c1c4e435-d7c7-53ba-ac1d-978a2625830c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fjustin-trudeau-is-a-problem-for-his-party-and-even-if-he-quits-it-might%2Farticle_b793875d-ed4e-56e8-8e57-ee4f9cc6bd56.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fdefunding-cbc-would-be-devastating-to-news-in-rural-canada-network-president-warns%2Farticle_8c670adc-7800-5ce0-bf72-0d8f70d4298f.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fquebec-mayor-23-resigns-mid-mandate-because-of-burnout-from-managing-forest-fires%2Farticle_41bccda0-fa54-58b0-96c4-748ee94d1756.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftrudeau-government-s-climate-plan-for-2030-can-t-be-trusted-environment-commissioner-says%2Farticle_5545c47b-c934-5904-beaa-76ee26fee226.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fi-am-not-someone-else-s-product-female-veteran-blasts-mps-after-snub-at-parliamentary%2Farticle_5a1174a0-a59d-589d-8481-492454a5a000.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fliberal-leadership-candidates-bash-doug-ford-over-the-greenbelt-scandal%2Farticle_c1c4e435-d7c7-53ba-ac1d-978a2625830c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fjustin-trudeau-is-a-problem-for-his-party-and-even-if-he-quits-it-might%2Farticle_b793875d-ed4e-56e8-8e57-ee4f9cc6bd56.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fdefunding-cbc-would-be-devastating-to-news-in-rural-canada-network-president-warns%2Farticle_8c670adc-7800-5ce0-bf72-0d8f70d4298f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-fires-pc-veteran-from-metrolinx-board-after-she-criticizes-him%2Farticle_2ebbf070-4c26-56a6-b23a-70d43a076188.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fpeople-are-frustrated-high-stakes-byelection-comes-at-dramatic-time-in-ontario-politics%2Farticle_fb143e80-78f1-536f-baf4-58baf45d0bd6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Flocation-location-location-three-former-hells-angels-clubhouses-heading-for-sale%2Farticle_836ace49-b38e-5188-8d09-f7a172115d21.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fdocuments-reveal-why-rcmp-didn-t-pursue-criminal-probe-of-justin-trudeau-in-snc-lavalin%2Farticle_4cc03ad0-18ac-5e68-b4ba-edecf2f7897d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftrudeau-appears-at-news-conference-with-bandage-after-bumping-head%2Farticle_9c17964c-066a-5b79-b66c-dc52f7c9a089.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fontario-sen-ian-shugart-former-top-public-servant-dead-at-66%2Farticle_9b158e73-0367-5027-bd33-cbb2365b8f9b.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2529&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=17&jsfv=nbc&ts=1699545665788&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=politics&source=LI&st=2529&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fquebec-mayor-23-resigns-mid-mandate-because-of-burnout-from-managing-forest-fires%2Farticle_41bccda0-fa54-58b0-96c4-748ee94d1756.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftrudeau-government-s-climate-plan-for-2030-can-t-be-trusted-environment-commissioner-says%2Farticle_5545c47b-c934-5904-beaa-76ee26fee226.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fi-am-not-someone-else-s-product-female-veteran-blasts-mps-after-snub-at-parliamentary%2Farticle_5a1174a0-a59d-589d-8481-492454a5a000.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fliberal-leadership-candidates-bash-doug-ford-over-the-greenbelt-scandal%2Farticle_c1c4e435-d7c7-53ba-ac1d-978a2625830c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fjustin-trudeau-is-a-problem-for-his-party-and-even-if-he-quits-it-might%2Farticle_b793875d-ed4e-56e8-8e57-ee4f9cc6bd56.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fdefunding-cbc-would-be-devastating-to-news-in-rural-canada-network-president-warns%2Farticle_8c670adc-7800-5ce0-bf72-0d8f70d4298f.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2532&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=19&jsfv=nbc&ts=1699545665788&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&fst=1699545664383&fstr=1156&pt=1&cl=1374&w=world&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2F3-charged-with-running-sex-ring-that-catered-to-elected-officials-other-wealthy-clients%2Farticle_44bb5006-ce9c-5f8e-a903-a61ef1587f13.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fcolorado-funeral-home-stockpiled-bodies-for-4-years-police-say%2Farticle_f0378baa-8130-52c0-9a78-7ee687c0c597.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fasia%2Fnew-island-emerges-after-undersea-volcano-erupts-off-japan-but-experts-say-it-may-not%2Farticle_d453e128-0232-5f64-8ab2-520a5b8c98c1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fhouse-votes-to-censure-rep-rashida-tlaib-over-her-israel-hamas-rhetoric-in-a-stunning%2Farticle_686f9dc6-456a-511a-8695-aeaef1ae117c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fdemocrats-win-in-several-states-on-abortion-rights-and-other-highlights-from-tuesdays-elections%2Farticle_76620ef1-d9b4-5cf9-b994-77f6a831b9a7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fkentucky-gov-beshear-wins-reelection-ohio-passes-amendment-on-abortion-rights-follow-live-updates%2Farticle_39e29ae4-7e90-5365-99a3-8d8c785037a4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fformer-top-prosecutor-for-baltimore-declines-to-testify-at-her-perjury-trial%2Farticle_c2459d11-e719-54c9-9115-97e828e39c14.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fmiddle-east%2F5-hostages-of-hamas-are-free-offering-some-hope-to-families-of-more-than-200%2Farticle_b92ec978-38d5-5350-88fd-705ebfc036b7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2Fthe-uks-interior-minister-accuses-the-countrys-police-of-favoring-pro-palestinian-protesters%2Farticle_1a64a0c8-fc41-5788-981f-40586980cccd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fvatican-steps-closer-to-allowing-transgender-catholics-to-be-baptized%2Farticle_a3f271fc-6d89-5a67-9388-a3c5e95a6135.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fflorida-dentist-convicted-of-murder-in-2014-slaying-of-his-ex-brother-in-law-a%2Farticle_c8c7f5e1-7d26-5b6c-88a8-12290071824e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2-london-police-officers-have-been-dismissed-over-a-stop-and-search-of-a-black%2Farticle_d8ff9fdf-c298-5cfd-b0e8-509b99e03995.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fbiologists-are-keeping-a-close-eye-on-a-rare-mexican-wolf-that-is-wandering-out%2Farticle_72fe5cf1-1c59-5117-ad13-840a7b3d48ba.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Freal-estate-industry-facing-pushback-to-longstanding-rules-setting-agent-commissions-on-home-sales%2Farticle_c991a153-374b-5bf4-af30-4436ca78f527.html%22%5D&usedJS=19300000&totalJS=23100000&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2536&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=19&jsfv=nbc&ts=1699545665788&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=world&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2F3-charged-with-running-sex-ring-that-catered-to-elected-officials-other-wealthy-clients%2Farticle_44bb5006-ce9c-5f8e-a903-a61ef1587f13.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fcolorado-funeral-home-stockpiled-bodies-for-4-years-police-say%2Farticle_f0378baa-8130-52c0-9a78-7ee687c0c597.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fasia%2Fnew-island-emerges-after-undersea-volcano-erupts-off-japan-but-experts-say-it-may-not%2Farticle_d453e128-0232-5f64-8ab2-520a5b8c98c1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fhouse-votes-to-censure-rep-rashida-tlaib-over-her-israel-hamas-rhetoric-in-a-stunning%2Farticle_686f9dc6-456a-511a-8695-aeaef1ae117c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fdemocrats-win-in-several-states-on-abortion-rights-and-other-highlights-from-tuesdays-elections%2Farticle_76620ef1-d9b4-5cf9-b994-77f6a831b9a7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fkentucky-gov-beshear-wins-reelection-ohio-passes-amendment-on-abortion-rights-follow-live-updates%2Farticle_39e29ae4-7e90-5365-99a3-8d8c785037a4.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2F3-charged-with-running-sex-ring-that-catered-to-elected-officials-other-wealthy-clients%2Farticle_44bb5006-ce9c-5f8e-a903-a61ef1587f13.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fcolorado-funeral-home-stockpiled-bodies-for-4-years-police-say%2Farticle_f0378baa-8130-52c0-9a78-7ee687c0c597.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fasia%2Fnew-island-emerges-after-undersea-volcano-erupts-off-japan-but-experts-say-it-may-not%2Farticle_d453e128-0232-5f64-8ab2-520a5b8c98c1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fhouse-votes-to-censure-rep-rashida-tlaib-over-her-israel-hamas-rhetoric-in-a-stunning%2Farticle_686f9dc6-456a-511a-8695-aeaef1ae117c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fdemocrats-win-in-several-states-on-abortion-rights-and-other-highlights-from-tuesdays-elections%2Farticle_76620ef1-d9b4-5cf9-b994-77f6a831b9a7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fkentucky-gov-beshear-wins-reelection-ohio-passes-amendment-on-abortion-rights-follow-live-updates%2Farticle_39e29ae4-7e90-5365-99a3-8d8c785037a4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fformer-top-prosecutor-for-baltimore-declines-to-testify-at-her-perjury-trial%2Farticle_c2459d11-e719-54c9-9115-97e828e39c14.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fmiddle-east%2F5-hostages-of-hamas-are-free-offering-some-hope-to-families-of-more-than-200%2Farticle_b92ec978-38d5-5350-88fd-705ebfc036b7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2Fthe-uks-interior-minister-accuses-the-countrys-police-of-favoring-pro-palestinian-protesters%2Farticle_1a64a0c8-fc41-5788-981f-40586980cccd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fvatican-steps-closer-to-allowing-transgender-catholics-to-be-baptized%2Farticle_a3f271fc-6d89-5a67-9388-a3c5e95a6135.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fflorida-dentist-convicted-of-murder-in-2014-slaying-of-his-ex-brother-in-law-a%2Farticle_c8c7f5e1-7d26-5b6c-88a8-12290071824e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2-london-police-officers-have-been-dismissed-over-a-stop-and-search-of-a-black%2Farticle_d8ff9fdf-c298-5cfd-b0e8-509b99e03995.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fbiologists-are-keeping-a-close-eye-on-a-rare-mexican-wolf-that-is-wandering-out%2Farticle_72fe5cf1-1c59-5117-ad13-840a7b3d48ba.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Freal-estate-industry-facing-pushback-to-longstanding-rules-setting-agent-commissions-on-home-sales%2Farticle_c991a153-374b-5bf4-af30-4436ca78f527.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2536&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=19&jsfv=nbc&ts=1699545665789&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=world&source=LI&st=2536&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2F3-charged-with-running-sex-ring-that-catered-to-elected-officials-other-wealthy-clients%2Farticle_44bb5006-ce9c-5f8e-a903-a61ef1587f13.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fcolorado-funeral-home-stockpiled-bodies-for-4-years-police-say%2Farticle_f0378baa-8130-52c0-9a78-7ee687c0c597.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fasia%2Fnew-island-emerges-after-undersea-volcano-erupts-off-japan-but-experts-say-it-may-not%2Farticle_d453e128-0232-5f64-8ab2-520a5b8c98c1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fhouse-votes-to-censure-rep-rashida-tlaib-over-her-israel-hamas-rhetoric-in-a-stunning%2Farticle_686f9dc6-456a-511a-8695-aeaef1ae117c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fdemocrats-win-in-several-states-on-abortion-rights-and-other-highlights-from-tuesdays-elections%2Farticle_76620ef1-d9b4-5cf9-b994-77f6a831b9a7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fkentucky-gov-beshear-wins-reelection-ohio-passes-amendment-on-abortion-rights-follow-live-updates%2Farticle_39e29ae4-7e90-5365-99a3-8d8c785037a4.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2538&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=22&jsfv=nbc&ts=1699545665789&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&fst=1699545664383&fstr=1156&pt=1&cl=1381&w=life&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-wife-got-drunk-at-an-engagement-party-and-made-a-complete-fool-of-herself%2Farticle_ae716a49-9fbf-5d1d-b39e-7f9146fe6212.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhoroscopes%2Fhoroscope-for-thursday-nov-9-2023%2Farticle_bffe6f64-412b-5ff8-b355-950ede3ca4a2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fas-a-teenager-i-worshipped-leonard-cohen-as-an-adult-i-followed-in-his-footsteps%2Farticle_6ecd4ad9-83f8-5a5d-9fbf-b879aa073c09.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fpumpkin-spice-isn-t-just-the-flavour-of-fall-it-has-these-health-benefits-too%2Farticle_7f6f83ee-5fc6-5b7d-ab99-ad5ed3b00a70.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fmore-fruit-pouches-for-kids-are-being-recalled-because-of-illnesses-that-are-linked-to%2Farticle_2a80bb71-86d2-507a-aeb1-027a291889fa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fmind-altering-ketamine-becomes-latest-pain-treatment-despite-little-research-or-regulation%2Farticle_aa0eef5d-eb44-5fe1-8ee6-07dabae4e1c6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fone-of-my-students-uses-they-them-pronouns-but-their-dad-refers-to-them-with%2Farticle_d1b3b945-10dd-5343-90ad-8497f5e99d7d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fsyphilis-cases-in-us-newborns-skyrocketed-in-2022-health-officials-suggest-more-testing%2Farticle_50a93cfd-fc9d-51ef-8f1d-d4e56083a9e1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fdaylight-saving-2023-here-s-what-a-sleep-expert-says-about-the-time-change%2Farticle_475d9ee9-6487-5236-a34c-923de26aaf34.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fend-of-daylight-time-affects-pets-schedules-too-animal-care-workers-say%2Farticle_0e79ab3e-deeb-5656-89e9-30ed2c11f982.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-son-has-a-job-in-cottage-country-one-day-he-left-work-early-and%2Farticle_9b877bb1-d333-5453-9afc-56812f13899a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-cousin-dumped-her-husband-because-he-wouldn-t-grow-up-eight-years-later-she%2Farticle_c658abda-3d47-571e-873d-12afe3a7d05f.html%22%5D&usedJS=19300000&totalJS=23100000&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2542&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=22&jsfv=nbc&ts=1699545665789&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=life&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-wife-got-drunk-at-an-engagement-party-and-made-a-complete-fool-of-herself%2Farticle_ae716a49-9fbf-5d1d-b39e-7f9146fe6212.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhoroscopes%2Fhoroscope-for-thursday-nov-9-2023%2Farticle_bffe6f64-412b-5ff8-b355-950ede3ca4a2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fas-a-teenager-i-worshipped-leonard-cohen-as-an-adult-i-followed-in-his-footsteps%2Farticle_6ecd4ad9-83f8-5a5d-9fbf-b879aa073c09.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fpumpkin-spice-isn-t-just-the-flavour-of-fall-it-has-these-health-benefits-too%2Farticle_7f6f83ee-5fc6-5b7d-ab99-ad5ed3b00a70.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fmore-fruit-pouches-for-kids-are-being-recalled-because-of-illnesses-that-are-linked-to%2Farticle_2a80bb71-86d2-507a-aeb1-027a291889fa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fmind-altering-ketamine-becomes-latest-pain-treatment-despite-little-research-or-regulation%2Farticle_aa0eef5d-eb44-5fe1-8ee6-07dabae4e1c6.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-wife-got-drunk-at-an-engagement-party-and-made-a-complete-fool-of-herself%2Farticle_ae716a49-9fbf-5d1d-b39e-7f9146fe6212.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhoroscopes%2Fhoroscope-for-thursday-nov-9-2023%2Farticle_bffe6f64-412b-5ff8-b355-950ede3ca4a2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fas-a-teenager-i-worshipped-leonard-cohen-as-an-adult-i-followed-in-his-footsteps%2Farticle_6ecd4ad9-83f8-5a5d-9fbf-b879aa073c09.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fpumpkin-spice-isn-t-just-the-flavour-of-fall-it-has-these-health-benefits-too%2Farticle_7f6f83ee-5fc6-5b7d-ab99-ad5ed3b00a70.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fmore-fruit-pouches-for-kids-are-being-recalled-because-of-illnesses-that-are-linked-to%2Farticle_2a80bb71-86d2-507a-aeb1-027a291889fa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fmind-altering-ketamine-becomes-latest-pain-treatment-despite-little-research-or-regulation%2Farticle_aa0eef5d-eb44-5fe1-8ee6-07dabae4e1c6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fone-of-my-students-uses-they-them-pronouns-but-their-dad-refers-to-them-with%2Farticle_d1b3b945-10dd-5343-90ad-8497f5e99d7d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fsyphilis-cases-in-us-newborns-skyrocketed-in-2022-health-officials-suggest-more-testing%2Farticle_50a93cfd-fc9d-51ef-8f1d-d4e56083a9e1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fdaylight-saving-2023-here-s-what-a-sleep-expert-says-about-the-time-change%2Farticle_475d9ee9-6487-5236-a34c-923de26aaf34.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fend-of-daylight-time-affects-pets-schedules-too-animal-care-workers-say%2Farticle_0e79ab3e-deeb-5656-89e9-30ed2c11f982.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-son-has-a-job-in-cottage-country-one-day-he-left-work-early-and%2Farticle_9b877bb1-d333-5453-9afc-56812f13899a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-cousin-dumped-her-husband-because-he-wouldn-t-grow-up-eight-years-later-she%2Farticle_c658abda-3d47-571e-873d-12afe3a7d05f.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2542&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=22&jsfv=nbc&ts=1699545665789&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=life&source=LI&st=2542&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-wife-got-drunk-at-an-engagement-party-and-made-a-complete-fool-of-herself%2Farticle_ae716a49-9fbf-5d1d-b39e-7f9146fe6212.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhoroscopes%2Fhoroscope-for-thursday-nov-9-2023%2Farticle_bffe6f64-412b-5ff8-b355-950ede3ca4a2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fas-a-teenager-i-worshipped-leonard-cohen-as-an-adult-i-followed-in-his-footsteps%2Farticle_6ecd4ad9-83f8-5a5d-9fbf-b879aa073c09.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fpumpkin-spice-isn-t-just-the-flavour-of-fall-it-has-these-health-benefits-too%2Farticle_7f6f83ee-5fc6-5b7d-ab99-ad5ed3b00a70.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fmore-fruit-pouches-for-kids-are-being-recalled-because-of-illnesses-that-are-linked-to%2Farticle_2a80bb71-86d2-507a-aeb1-027a291889fa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fmind-altering-ketamine-becomes-latest-pain-treatment-despite-little-research-or-regulation%2Farticle_aa0eef5d-eb44-5fe1-8ee6-07dabae4e1c6.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2545&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=24&jsfv=nbc&ts=1699545665789&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&fst=1699545664383&fstr=1156&pt=1&cl=1387&w=sports&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fwhy-the-maple-leafs-new-guys-are-already-on-thin-ice-with-coach-sheldon-keefe%2Farticle_8cddc4d6-2227-5f92-90eb-d6a53f3617b2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fstruggling-senators-score-three-times-in-the-3rd-period-to-down-leaky-maple-leafs-6%2Farticle_530983c0-c476-58a7-bb0e-5783a28f6d5e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fotto-porter-jr-is-proving-invaluable-to-the-raptors-early-in-the-nba-season%2Farticle_82338654-5323-5c31-978d-a69663faddfa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2Fgilgeous-alexander-scores-43-as-the-thunder-top-the-cavaliers-128-120%2Farticle_c6ed6606-4e2f-5589-97f1-c6c0ed0c82a8.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fthe-maple-leafs-haven-t-been-oilers-bad-but-they-ve-lost-their-way-in%2Farticle_4f14df85-8245-57a2-b18b-e33449fb2e6e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fthe-blue-jays-have-the-cash-to-swing-for-the-fences-they-can-t-afford%2Farticle_994a4881-d0b5-5dc3-aba6-bd63855497aa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fedmonton-oilers-place-struggling-goaltender-jack-campbell-on-waivers%2Farticle_d4a25ba7-7fb1-57c9-945a-8be6c40c29e3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fraptors-scottie-barnes-is-setting-the-nba-on-fire-and-the-numbers-are-only-part%2Farticle_df2d1ad5-0d09-5eaf-a797-abc398d54bf0.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsoccer%2Fat-40-rock-solid-dante-is-crucial-in-making-nice-the-best-defense-in-europes%2Farticle_513e4534-7129-5f79-8720-533b389de158.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fmichigan-star-corum-says-he-had-no-business-with-stalions-unaware-of-online-records-in%2Farticle_aa2a8a7e-4da9-5aee-b9df-3af08aa02a0d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fhe-was-involved-in-a-tragic-on-ice-death-now-he-s-being-targeted-with%2Farticle_d54a05da-de92-5950-82cd-c7e3885abfd0.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fblue-jays-take-home-three-gold-gloves-while-gabriel-moreno-also-won-for-the-diamondbacks%2Farticle_c77a1c4a-9683-5294-8254-19825f8334ab.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fchristian-mccaffrey-repeats-as-the-top-running-back-in-the-ap-s-nfl-top-5%2Farticle_4c5465a3-b1cd-5ead-a662-b030d469500b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmatthew-knies-lands-on-the-top-line-in-the-latest-maple-leafs-shuffle%2Farticle_bd4a0b8e-b127-57ec-b864-5f5831f5201e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fnfl-pitted-two-of-the-top-teams-on-prime-time-but-the-officiating-crew-didnt%2Farticle_8e7f8b0e-418e-536a-861a-658fd11bc25d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2Fformer-nba-star-dwight-howard-denies-sexual-assault-lawsuit-filed-by-georgia-man%2Farticle_538f8925-b600-5ccc-a635-01da8e617d21.html%22%5D&usedJS=19300000&totalJS=23100000&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2549&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=24&jsfv=nbc&ts=1699545665789&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=sports&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fwhy-the-maple-leafs-new-guys-are-already-on-thin-ice-with-coach-sheldon-keefe%2Farticle_8cddc4d6-2227-5f92-90eb-d6a53f3617b2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fstruggling-senators-score-three-times-in-the-3rd-period-to-down-leaky-maple-leafs-6%2Farticle_530983c0-c476-58a7-bb0e-5783a28f6d5e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fotto-porter-jr-is-proving-invaluable-to-the-raptors-early-in-the-nba-season%2Farticle_82338654-5323-5c31-978d-a69663faddfa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2Fgilgeous-alexander-scores-43-as-the-thunder-top-the-cavaliers-128-120%2Farticle_c6ed6606-4e2f-5589-97f1-c6c0ed0c82a8.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fthe-maple-leafs-haven-t-been-oilers-bad-but-they-ve-lost-their-way-in%2Farticle_4f14df85-8245-57a2-b18b-e33449fb2e6e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fthe-blue-jays-have-the-cash-to-swing-for-the-fences-they-can-t-afford%2Farticle_994a4881-d0b5-5dc3-aba6-bd63855497aa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fedmonton-oilers-place-struggling-goaltender-jack-campbell-on-waivers%2Farticle_d4a25ba7-7fb1-57c9-945a-8be6c40c29e3.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fwhy-the-maple-leafs-new-guys-are-already-on-thin-ice-with-coach-sheldon-keefe%2Farticle_8cddc4d6-2227-5f92-90eb-d6a53f3617b2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fstruggling-senators-score-three-times-in-the-3rd-period-to-down-leaky-maple-leafs-6%2Farticle_530983c0-c476-58a7-bb0e-5783a28f6d5e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fotto-porter-jr-is-proving-invaluable-to-the-raptors-early-in-the-nba-season%2Farticle_82338654-5323-5c31-978d-a69663faddfa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2Fgilgeous-alexander-scores-43-as-the-thunder-top-the-cavaliers-128-120%2Farticle_c6ed6606-4e2f-5589-97f1-c6c0ed0c82a8.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fthe-maple-leafs-haven-t-been-oilers-bad-but-they-ve-lost-their-way-in%2Farticle_4f14df85-8245-57a2-b18b-e33449fb2e6e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fthe-blue-jays-have-the-cash-to-swing-for-the-fences-they-can-t-afford%2Farticle_994a4881-d0b5-5dc3-aba6-bd63855497aa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fedmonton-oilers-place-struggling-goaltender-jack-campbell-on-waivers%2Farticle_d4a25ba7-7fb1-57c9-945a-8be6c40c29e3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fraptors-scottie-barnes-is-setting-the-nba-on-fire-and-the-numbers-are-only-part%2Farticle_df2d1ad5-0d09-5eaf-a797-abc398d54bf0.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsoccer%2Fat-40-rock-solid-dante-is-crucial-in-making-nice-the-best-defense-in-europes%2Farticle_513e4534-7129-5f79-8720-533b389de158.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fmichigan-star-corum-says-he-had-no-business-with-stalions-unaware-of-online-records-in%2Farticle_aa2a8a7e-4da9-5aee-b9df-3af08aa02a0d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fhe-was-involved-in-a-tragic-on-ice-death-now-he-s-being-targeted-with%2Farticle_d54a05da-de92-5950-82cd-c7e3885abfd0.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fblue-jays-take-home-three-gold-gloves-while-gabriel-moreno-also-won-for-the-diamondbacks%2Farticle_c77a1c4a-9683-5294-8254-19825f8334ab.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fchristian-mccaffrey-repeats-as-the-top-running-back-in-the-ap-s-nfl-top-5%2Farticle_4c5465a3-b1cd-5ead-a662-b030d469500b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmatthew-knies-lands-on-the-top-line-in-the-latest-maple-leafs-shuffle%2Farticle_bd4a0b8e-b127-57ec-b864-5f5831f5201e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fnfl-pitted-two-of-the-top-teams-on-prime-time-but-the-officiating-crew-didnt%2Farticle_8e7f8b0e-418e-536a-861a-658fd11bc25d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2Fformer-nba-star-dwight-howard-denies-sexual-assault-lawsuit-filed-by-georgia-man%2Farticle_538f8925-b600-5ccc-a635-01da8e617d21.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2549&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=24&jsfv=nbc&ts=1699545665789&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=sports&source=LI&st=2549&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fwhy-the-maple-leafs-new-guys-are-already-on-thin-ice-with-coach-sheldon-keefe%2Farticle_8cddc4d6-2227-5f92-90eb-d6a53f3617b2.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fstruggling-senators-score-three-times-in-the-3rd-period-to-down-leaky-maple-leafs-6%2Farticle_530983c0-c476-58a7-bb0e-5783a28f6d5e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fotto-porter-jr-is-proving-invaluable-to-the-raptors-early-in-the-nba-season%2Farticle_82338654-5323-5c31-978d-a69663faddfa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2Fgilgeous-alexander-scores-43-as-the-thunder-top-the-cavaliers-128-120%2Farticle_c6ed6606-4e2f-5589-97f1-c6c0ed0c82a8.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fthe-maple-leafs-haven-t-been-oilers-bad-but-they-ve-lost-their-way-in%2Farticle_4f14df85-8245-57a2-b18b-e33449fb2e6e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fthe-blue-jays-have-the-cash-to-swing-for-the-fences-they-can-t-afford%2Farticle_994a4881-d0b5-5dc3-aba6-bd63855497aa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fedmonton-oilers-place-struggling-goaltender-jack-campbell-on-waivers%2Farticle_d4a25ba7-7fb1-57c9-945a-8be6c40c29e3.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2552&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=27&jsfv=nbc&ts=1699545665789&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&fst=1699545664383&fstr=1156&pt=1&cl=1395&w=entertainment&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fdamned-if-i-wasn-t-wiping-tears-and-holding-back-sniffles-read-the-book-that%2Farticle_45e5435d-1b5d-50f4-bb4d-b974c67fbcff.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2Fthe-family-chantel-star-pedro-jimeno-breaks-his-silence-on-divorce-and-the-shows-ending%2Farticle_1fe7837b-8c7c-5ff1-b169-7e23d4c2ec46.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fcanadian-poet-rupi-kaur-declines-white-house-invitation-over-gaza%2Farticle_9e17a295-9d3a-56ae-8fee-a0ea23ad99fa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fhollywood-actors-strike-is-over-as-union-reaches-tentative-deal-with-studios%2Farticle_7a0734db-f0a9-5956-8b0e-505cb46e35c4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmusic%2Fi-just-thought-it-was-time-sylvia-tyson-on-at-the-end-of-the-day%2Farticle_1dd084d2-8a59-5177-b251-7a92dd77406e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmovies%2Fdenys-arcand-was-once-a-moviemaking-troublemaker-now-he-s-more-of-a-good-natured%2Farticle_57a07ad2-b03f-50f9-bdc9-e05811096455.html%22%5D&usedJS=19300000&totalJS=23100000&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2554&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=27&jsfv=nbc&ts=1699545665790&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=entertainment&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fdamned-if-i-wasn-t-wiping-tears-and-holding-back-sniffles-read-the-book-that%2Farticle_45e5435d-1b5d-50f4-bb4d-b974c67fbcff.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2Fthe-family-chantel-star-pedro-jimeno-breaks-his-silence-on-divorce-and-the-shows-ending%2Farticle_1fe7837b-8c7c-5ff1-b169-7e23d4c2ec46.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fcanadian-poet-rupi-kaur-declines-white-house-invitation-over-gaza%2Farticle_9e17a295-9d3a-56ae-8fee-a0ea23ad99fa.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fdamned-if-i-wasn-t-wiping-tears-and-holding-back-sniffles-read-the-book-that%2Farticle_45e5435d-1b5d-50f4-bb4d-b974c67fbcff.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2Fthe-family-chantel-star-pedro-jimeno-breaks-his-silence-on-divorce-and-the-shows-ending%2Farticle_1fe7837b-8c7c-5ff1-b169-7e23d4c2ec46.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fcanadian-poet-rupi-kaur-declines-white-house-invitation-over-gaza%2Farticle_9e17a295-9d3a-56ae-8fee-a0ea23ad99fa.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fhollywood-actors-strike-is-over-as-union-reaches-tentative-deal-with-studios%2Farticle_7a0734db-f0a9-5956-8b0e-505cb46e35c4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmusic%2Fi-just-thought-it-was-time-sylvia-tyson-on-at-the-end-of-the-day%2Farticle_1dd084d2-8a59-5177-b251-7a92dd77406e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmovies%2Fdenys-arcand-was-once-a-moviemaking-troublemaker-now-he-s-more-of-a-good-natured%2Farticle_57a07ad2-b03f-50f9-bdc9-e05811096455.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2554&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=27&jsfv=nbc&ts=1699545665790&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&w=entertainment&source=LI&st=2554&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fdamned-if-i-wasn-t-wiping-tears-and-holding-back-sniffles-read-the-book-that%2Farticle_45e5435d-1b5d-50f4-bb4d-b974c67fbcff.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2Fthe-family-chantel-star-pedro-jimeno-breaks-his-silence-on-divorce-and-the-shows-ending%2Farticle_1fe7837b-8c7c-5ff1-b169-7e23d4c2ec46.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fcanadian-poet-rupi-kaur-declines-white-house-invitation-over-gaza%2Farticle_9e17a295-9d3a-56ae-8fee-a0ea23ad99fa.html%22%5D&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:05 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
654bd72f14961.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/e/72/e72c60b7-55b2-5767-a905-d8edbf2bbdcc/ 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/e/72/e72c60b7-55b2-5767-a905-d8edbf2bbdcc/654bd72f14961.image.jpg?resize=1280%2C853
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc641ae7c825aea8ec4c022f010f15395e91f0fbb6b898714794f59980162951
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
76273
cf-polished
origSize=241525, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 18:45:03 GMT
server
cloudflare
x-vcache
MISS
etag
"fef76adfe2d3182245d88a61f8955923"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745bb6dbb3701-YYZ
expires
Thu, 07 Nov 2024 18:49:52 GMT
654bd85d0273f.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/3/3f/33f644c5-b0b3-5742-8fec-2902eb35a81c/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/3/3f/33f644c5-b0b3-5742-8fec-2902eb35a81c/654bd85d0273f.image.jpg?resize=682%2C1024
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c1bafca557f6722d99e4374ba17e5946bb47e22d92eb7d19aac39b609e7f2a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
76051
cf-polished
qual=85, origFmt=jpeg, origSize=50206
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="654bd85d0273f.webp"
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 18:50:05 GMT
server
cloudflare
x-vcache
MISS
etag
"f8ed1e556c0462bde9192a24e47a6858"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745bb6dbd3701-YYZ
expires
Thu, 07 Nov 2024 18:53:34 GMT
65468b524eb0e.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/2/89/2894066a-d56a-5548-969f-73e239892665/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/2/89/2894066a-d56a-5548-969f-73e239892665/65468b524eb0e.image.jpg?resize=1200%2C861
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b2d17830e77c86c0a2e4b6ff4b2bbf29f40a82a67ef21ca47fbd81f1143844e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
356257
cf-polished
origSize=120713, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Nov 2023 18:20:02 GMT
server
cloudflare
x-vcache
MISS
etag
"5e91dcf3a019256b0d38fe278fa52d3c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745bb6dc03701-YYZ
expires
Mon, 04 Nov 2024 13:02:34 GMT
65451b5a27705.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/b/db/bdbe4e63-fc5d-5d4d-93d3-1c4f047dd3b5/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/b/db/bdbe4e63-fc5d-5d4d-93d3-1c4f047dd3b5/65451b5a27705.image.jpg?resize=1200%2C887
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64295b28df418cd23c98214bb8589db3eb449f78a61e70d373cc7c7bc75e2fc3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
190689
cf-polished
qual=85, origFmt=jpeg, origSize=47475
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="65451b5a27705.webp"
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Nov 2023 16:10:02 GMT
server
cloudflare
x-vcache
MISS
etag
"8623cdcd3dd5a4e8158db6795ec1639f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745bb6dc13701-YYZ
expires
Wed, 06 Nov 2024 11:00:48 GMT
6546d2cdb9a6c.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/0/08/008604e0-1fab-5613-aa85-d6ee3220fd56/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/0/08/008604e0-1fab-5613-aa85-d6ee3220fd56/6546d2cdb9a6c.image.jpg?resize=1200%2C901
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b031d8972e188ff6ca3d1baa52fedb1991125c215e092757dda6b9eca29c3e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
404745
cf-polished
origSize=131156, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Nov 2023 23:25:02 GMT
server
cloudflare
x-vcache
MISS
etag
"6a01bb182ed125f35e495e729e231182"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745bb6dc33701-YYZ
expires
Sun, 03 Nov 2024 23:33:46 GMT
654529726c2e8.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/3/92/392cc163-b785-5a53-8ec7-74b8a4635182/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/3/92/392cc163-b785-5a53-8ec7-74b8a4635182/654529726c2e8.image.jpg?resize=1000%2C658
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d2ada968c3f319260779a78b183774c0f7e35e40f71574f35f8c25e51fc5fdc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
35946
cf-polished
qual=85, origFmt=jpeg, origSize=95945
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="654529726c2e8.webp"
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Nov 2023 17:10:10 GMT
server
cloudflare
x-vcache
MISS
etag
"064c4fcefee1b0eb60ce52e270a7b173"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
823745bb6dc63701-YYZ
expires
Wed, 06 Nov 2024 22:36:20 GMT
dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=*;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
adservice.google.com/ddm/fls/z/ Frame 2303 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=*;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F
Requested by
Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CKirwf2kt4IDFUbMKAUdnjsLdQ;src=10230056;type=ret01;cat=land01;ord=6431509052843;auiddc=904992635.1699545664;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://10230056.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ajs-destination.bundle.0f003b5e4b03680982b4.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:36:59 GMT
x-amz-version-id
YgSb4NJhczzD_kw0xTy5A84n_U0pYQ9K
content-encoding
br
via
1.1 8a5f92c3f2254c853b1d4d6f0bb340ac.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C3
age
3248647
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 03 Oct 2023 01:26:38 GMT
server
AmazonS3
etag
W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
RGHstoISCn_JiIjWf_hPEQoOWDsBYi-VeM7EYVYkkLnKu_AmBeQ7rg==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-191-237.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 09:27:13 GMT
x-amz-version-id
P2gLA392BrQfXF0D9fIFX0YR5wgAEHym
content-encoding
br
via
1.1 8a5f92c3f2254c853b1d4d6f0bb340ac.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C3
age
2874834
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sat, 07 Oct 2023 08:18:28 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
jRx0DJIaRdcNRRcZWYaM4hBh5i7xlPiEduG99s105PqQkTnnvjk4pg==
p
api.segment.io/v1/ 		21 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-151-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com
date
Thu, 09 Nov 2023 16:01:06 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		329 KB
65 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=971320467965704&correlator=385440835027557&eid=31079470%2C31078015%2C31079313%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C2x1%2C300x600%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699545666439&lmt=1699545538&adxs=436%2C799%2C1055&adys=21%2C145%2C908&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com%2F&vis=1&psz=728x-1%7C1600x-1%7C300x600&msz=728x-1%7C1600x-1%7C300x600&fws=516%2C516%2C4&ohw=1600%2C1600%2C1600&ga_vid=794087290.1699545665&ga_sid=1699545666&ga_hid=668087409&ga_fc=true&dlt=1699545663398&idt=998&prev_scp=pos%3D1%26amznbid%3D1%26amznp%3D1%7Cpos%3Dimpact-top%26amznbid%3D1%26amznp%3D1%7Cpos%3D1%26amznbid%3D1%26amznp%3D1&cust_params=browser%3DChrome%26k%3Dtoronto%2520star%26page%3Dhomepage%252Capp-editorial%26environment%3Dprod%26cutpoint%3Dlarge%26permutive%3Drts%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_entertain%252Cgb_crime_high_med%252Cgb_crime_high_med_low%252Cgt_negative%252Cgv_crime%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_business%252Cts_ent_evnt_attr_gnrl%252Cgs_entertain_arts%252Cgb_crime_high%252Cgs_home%252Cgs_news_and_weather%252Cts_pl_nws_lctns_cnd_prvncl%252Cts_fmly_prntng_gnrl%252Cgs_politics_misc%252Cgt_negative_fear%252Cgs_business_careers%252Cts_ent_evnt_attr_msms_gllrs%252Cgs_home_property%252Cts_bz_ndstry_gnrl%252Cts_pl_pltcl_sss_wr_cnflct%252Cpr_test%252Cgv_death_injury%252Cts_tmtv_t_typ_sv%26optable%3D%26prmtvsdk%3Dweb&adks=4245816087%2C3334131667%2C3682374077&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
982e893e07611329334c180425e08538f91888d595e92be19fea7f5022677063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66065
x-xss-protection
0
google-lineitem-id
-1,6395607082,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138445168598,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 007A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:06 GMT
expires
Fri, 08 Nov 2024 16:01:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 136E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:07 GMT
expires
Fri, 08 Nov 2024 16:01:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C43C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1Gxlk9DKKnVqsfHlDHnHECjhdXC1afwxZh3IKbZ4kZ_EpHAWidm6okHbaICRJP7qPzEuk9-AXFG0wzy3ZHySYH32EmE0JgE-4xEtNCMmbVOU3wRT9ABtY1Kzp3fu4BZUGcRq60nGRClI-r5VS5vLP9nBm-OI7dYnKrQv0M3oJE9Dhou5ElJUbzNq4PeJ5OeluSbhX2GHTEzQksruXe0jr0HkdR2cACfjjJI7f2XTMvYd1pk8NQJ5dhvK9cTKp4_ydQoXpx4bMeo048AZFxmwxO8J3ekbwdQLquLyCa-4IsVaeIRx2Zb8w9HtRo5VnIecqW397y78bd1EuzA&sai=AMfl-YRXGFoQ4vds4Mv2pZhil9x4cuE9HenFibQjWuFiD3M2H5-zQ2i_anFk2TI0OnU6JBl2VIOVn4UBGWCFkS4MBRpKIUO58KVL5TMJNir4FOwUEEOFytAgrSPin6UAAQ&sig=Cg0ArKJSzOmkmjyZffEKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pub.js
s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/ Frame C43C 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.250.32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
1d287075a8301383c3ee89e522fb146f041dcb1cceeda237f5b684803f72abbe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:08 GMT
Last-Modified
Tue, 31 Oct 2023 14:48:38 GMT
Server
AmazonS3
x-amz-request-id
A3A8G398M2R5SVWJ
ETag
"0bf20109065ed6d9de596d77f84cd6b8"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
36467
x-amz-id-2
XGUSk2Mbatrh6SnrvgJooch03hpXbRs7YXkAJ0P+WjZRgVOub8ZAa1bPhzbRA3jjzVo8v0pWknU=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C43C 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:01:07 GMT
container.html
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F2D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:07 GMT
expires
Fri, 08 Nov 2024 16:01:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C73D 		624 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi_gJj9ATAB&v=APEucNVWeaKt7Sa5xTvbsgnOE9XQP0E4wVgY3eACAv4xPEi0F-w3nPoh7Udw8ryVcr-eOMc6wnqpxZyAb36XGDVUzmpas_F05A
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 136E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:01:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 136E 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bo1-SWBAKNHrrz2zgw1WU12zI-RsALKzrB9iJ34NLl8caWBU6DNABq88p3nH2rCRe6SiB-zltEKLxkmeuk7avx4S3-QGRltsthWpjJEhP_JaPOtds
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 136E 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12964468369009750761&x=1&ct=119
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 136E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 20:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
71933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:02:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 136E 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 20:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
71933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:02:14 GMT
l
www.google.com/ads/measurement/ Frame 136E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOEkW0zrJryTpVM2xam2k4Nt4Y7ZUjLU5sCOcwUbzS3JiCJHQJCExyr8Ez-9pX3XDRxWUChXGe6atHN4E4xva-JR895A
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 136E 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:01:07 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A815 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYiKft_AEwAQ&v=APEucNUact5N1AD2zJ49TN64EUmNYLBEmWWCuxpgMcU0yaEZ-tn7v1x_pWpYyrlwx3SoMH3auefKLZ6Go_OxdjjRVCQ38FWZpA
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0F2D 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Origin
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:18:57 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 0F2D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
37753
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 05:31:54 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 0F2D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
37933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 05:28:54 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0F2D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 15:31:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 0F2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 20:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
71933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:02:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3648 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37256
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 05:40:11 GMT
etag
48472445140208031
expires
Fri, 10 Nov 2023 05:40:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 0F2D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 20:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
71933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:02:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F2D 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJTXJ1PkPV8rNsMixjZMNo-Udnu_p57nRz8hf-vQiYGeYCGS68v3RdcpIi71jl4mA19OVZzU7PCP6O-m7gSyGjPR8lIxc7H_IPbRewLm_L6O3yVNU
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 0F2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaScDv99rWsLfWBO6gSjtiplJ-yGvAj-YT1PMsM88BJ0JngnxU2KaxkCbCdKeWjHVMuTGsb2IuBc-tcRARKkjGRHNrglww
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F2D 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:01:07 GMT
rum
dsum-sec.casalemedia.com/ Frame C73D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1&C=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi_gJj9ATAB&v=APEucNVWeaKt7Sa5xTvbsgnOE9XQP0E4wVgY3eACAv4xPEi0F-w3nPoh7Udw8ryVcr-eOMc6wnqpxZyAb36XGDVUzmpas_F05A
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW%2BcInGc4eJxNi%2FjKK2opsLbny0l00pNmA0NYzCRK7DXhlHPKe27hcy5bPU2s2p8h9A2ETT%2FD%2BqUhL4k8VvPMh6kz5aWfwiDxvuKUuPPU5Zwja8eIXusT1bTaZsXcoM6epjm7ADdNc6YkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823745c6aad3a1e7-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4xr8vZjBhbeSFuIrrG%2Fn%2BdBEQeaOZVLUe6AExrxYrpzBtKqkV92MGJrdsnLJh1qNYR0UBGxeDa1w2O1o8%2Bidh3AaagzT4238ksDhps6eW4H39xaZYKLMiYfI4O3Wor5fRZlRYnb%2Bs4VQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1&C=1
cache-control
no-cache
cf-ray
823745c639e3a1e7-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame C73D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU0CQxAMBGmLWfUO5PEdBgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1
43 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi_gJj9ATAB&v=APEucNVWeaKt7Sa5xTvbsgnOE9XQP0E4wVgY3eACAv4xPEi0F-w3nPoh7Udw8ryVcr-eOMc6wnqpxZyAb36XGDVUzmpas_F05A
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afjtsQoE3X%2FY%2Five7Ly%2FHZY4pYa10MAwTm0vKTmM7iKQqVw%2FZZoornkQ0Sdgcy2G4jwsp3P%2FO%2BXZszwJOjt0baMYSDjgaW%2FU6wqKZxEFnIbyb9MtL0Dc%2BY9hdmNME4p%2BbQa0q%2BSIiQDbNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823745c74fc17114-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJlSxi9g8eqj_K9UCD6bl8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C73D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDBJZAtIyM7xvO2w440d9Bs&google_cver=1
43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDBJZAtIyM7xvO2w440d9Bs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi_gJj9ATAB&v=APEucNVWeaKt7Sa5xTvbsgnOE9XQP0E4wVgY3eACAv4xPEi0F-w3nPoh7Udw8ryVcr-eOMc6wnqpxZyAb36XGDVUzmpas_F05A
Protocol
H2
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
an-x-request-uuid
af906ed3-2b7f-4436-9e53-a0bb0c1e6278
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
62.3.36.80; 62.3.36.80; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDBJZAtIyM7xvO2w440d9Bs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C73D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUwNzU5ODcxNTcyNDg0MjQ1NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUwNzU5ODcxNTcyNDg0MjQ1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi_gJj9ATAB&v=APEucNVWeaKt7Sa5xTvbsgnOE9XQP0E4wVgY3eACAv4xPEi0F-w3nPoh7Udw8ryVcr-eOMc6wnqpxZyAb36XGDVUzmpas_F05A
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
an-x-request-uuid
6d7e50d3-c22b-4c34-ac85-d9f1f8092daf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUwNzU5ODcxNTcyNDg0MjQ1NA%3D%3D
x-proxy-origin
62.3.36.80; 62.3.36.80; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A815
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZ0nygnBJNBlTONuuWx8ek&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZ0nygnBJNBlTONuuWx8ek&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYiKft_AEwAQ&v=APEucNUact5N1AD2zJ49TN64EUmNYLBEmWWCuxpgMcU0yaEZ-tn7v1x_pWpYyrlwx3SoMH3auefKLZ6Go_OxdjjRVCQ38FWZpA
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZ0nygnBJNBlTONuuWx8ek&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A815 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYiKft_AEwAQ&v=APEucNUact5N1AD2zJ49TN64EUmNYLBEmWWCuxpgMcU0yaEZ-tn7v1x_pWpYyrlwx3SoMH3auefKLZ6Go_OxdjjRVCQ38FWZpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A815
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA7hX_LMXafyMvXbWi0-4zs&google_cver=1
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA7hX_LMXafyMvXbWi0-4zs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYiKft_AEwAQ&v=APEucNUact5N1AD2zJ49TN64EUmNYLBEmWWCuxpgMcU0yaEZ-tn7v1x_pWpYyrlwx3SoMH3auefKLZ6Go_OxdjjRVCQ38FWZpA
Protocol
H2
Server
23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-47.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 09 Nov 2023 16:01:08 GMT
pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEA7hX_LMXafyMvXbWi0-4zs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A815
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTZhNmVhMzktZDU5Mi00YTIwLTkwNzctMThiNTAyMjYwNjlj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTZhNmVhMzktZDU5Mi00YTIwLTkwNzctMThiNTAyMjYwNjlj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMH6FRCUyVkYiKft_AEwAQ&v=APEucNUact5N1AD2zJ49TN64EUmNYLBEmWWCuxpgMcU0yaEZ-tn7v1x_pWpYyrlwx3SoMH3auefKLZ6Go_OxdjjRVCQ38FWZpA
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTZhNmVhMzktZDU5Mi00YTIwLTkwNzctMThiNTAyMjYwNjlj
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 09 Nov 2023 16:01:08 GMT
pixel
cm.g.doubleclick.net/ Frame 3648
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEBnFz9fBxG27FSXT9ZIQxCc&google_cver=1&google_push=AXcoOmTFAvw8nIbjOSngt63DaKBPrmxJW8KwiBJdAqdfwGo3VmnEhw4vW1xR5qvYXYbp5WZBuvrz1a6_domuzUlB0pXnQ-5mAh77djka...
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTFAvw8nIbjOSngt63DaKBPrmxJW8KwiBJdAqdfwGo3VmnEhw4vW1xR5qvYXYbp5...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTFAvw8nIbjOSngt63DaKBPrmxJW8KwiBJdAqdfwGo3VmnEhw4vW1xR5qvYXYbp5WZBuvrz1a6_domuzUlB0pXnQ-5mAh77djkaFqgArBO-urjAY6AK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTFAvw8nIbjOSngt63DaKBPrmxJW8KwiBJdAqdfwGo3VmnEhw4vW1xR5qvYXYbp5WZBuvrz1a6_domuzUlB0pXnQ-5mAh77djkaFqgArBO-urjAY6AK-6-DRAuEXPnaRGtasuZWWVfox9nzeed5wFsu&google_cver=1&google_gid=CAESEBnFz9fBxG27FSXT9ZIQxCc&google_hm=UTc1MjgzMjA3NDEzMzg5NzQzODM=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 09 Nov 2023 16:01:15 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTFAvw8nIbjOSngt63DaKBPrmxJW8KwiBJdAqdfwGo3VmnEhw4vW1xR5qvYXYbp5WZBuvrz1a6_domuzUlB0pXnQ-5mAh77djkaFqgArBO-urjAY6AK-6-DRAuEXPnaRGtasuZWWVfox9nzeed5wFsu&google_cver=1&google_gid=CAESEBnFz9fBxG27FSXT9ZIQxCc&google_hm=UTc1MjgzMjA3NDEzMzg5NzQzODM=
Content-Type
text/html
Cache-Control
max-age=57750
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame 3648
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEG3PmjMpG8G-BVGnAm3p7QE&google_cver=1&google_push=AXcoOmTwhiE9vJ3rQAOyfnJ8PYAQO9qjrf45VBFrWMTIKz4E3LpfEVIJUNzJedAeuagak6Q2oKiNaoP3w-xL5ndu...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hbfUx4ltQO4txnrv4bs3MA&google_push=AXcoOmTwhiE9vJ3rQAOyfnJ8PYAQO9qjrf45VBFrWMTIKz4E3LpfEVIJUNzJedAeuagak6Q2oKiNaoP3w-xL5nduiCnvTe1KJb_sgx0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hbfUx4ltQO4txnrv4bs3MA&google_push=AXcoOmTwhiE9vJ3rQAOyfnJ8PYAQO9qjrf45VBFrWMTIKz4E3LpfEVIJUNzJedAeuagak6Q2oKiNaoP3w-xL5nduiCnvTe1KJb_sgx0g55YH5JA3NUB2eE4MI8R81sZP8LGeTneThDd1YxOa9tefEdv9s4zV
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 09 Nov 2023 16:01:22 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hbfUx4ltQO4txnrv4bs3MA&google_push=AXcoOmTwhiE9vJ3rQAOyfnJ8PYAQO9qjrf45VBFrWMTIKz4E3LpfEVIJUNzJedAeuagak6Q2oKiNaoP3w-xL5nduiCnvTe1KJb_sgx0g55YH5JA3NUB2eE4MI8R81sZP8LGeTneThDd1YxOa9tefEdv9s4zV
x-host
tde-deliveryengine-production-bb588bf9-2955l
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 3648 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEP8z1aYnl0RhCKevptVAGxE&google_cver=1&google_push=AXcoOmS7peEStJsJTcDpSJNcGKdC43FClnjJYsSaj7uXx_wvOYCxOqzLwQ7DAjqETnQ7CWEdNKj3u6YxNb6p3-KxLeAG2ZSiey4TalynXUYVm2-sEMgPfR2EYDo0f4d6G5xhs93elUi_UWjDXkY25PlcLIsZ
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 3648
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMmMh-Qv0kXvd2pYjMlWQHc&google_cver=1&google_push=AXcoOmS95iCyDulcmzdmtdphW9TkquERp4vHQk-7DQ-mk-ZgE4MhACTcfrt2-H4rNEtzZ8QaPkxKAD0EkTLJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS95iCyDulcmzdmtdphW9TkquERp4vHQk-7DQ-mk-ZgE4MhACTcfrt2-H4rNEtzZ8QaPkxKAD0EkTLJnMRJeMsmLf8XHcrtvL9BOMJrMydj5oto95Tg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS95iCyDulcmzdmtdphW9TkquERp4vHQk-7DQ-mk-ZgE4MhACTcfrt2-H4rNEtzZ8QaPkxKAD0EkTLJnMRJeMsmLf8XHcrtvL9BOMJrMydj5oto95Tgt9Un1CQhRJzm7FbkJJ-pdVhFnI8UXgZwyfM
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS95iCyDulcmzdmtdphW9TkquERp4vHQk-7DQ-mk-ZgE4MhACTcfrt2-H4rNEtzZ8QaPkxKAD0EkTLJnMRJeMsmLf8XHcrtvL9BOMJrMydj5oto95Tgt9Un1CQhRJzm7FbkJJ-pdVhFnI8UXgZwyfM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 3648
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEP9UFu_9cuzoVnNZ2fxkfgY&google_cver=1&google_push=AXcoOmSN1fyFoz-9g4UYme6kKxr7hjr9nmhmiCLmrVWZLaFzRuxrBzZgJmsuP3Fh6S6XWT59kR7ChyoZCyJRaFGFNur6o_R4TN...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSN1fyFoz-9g4UYme6kKxr7hjr9nmhmiCLmrVWZLaFzRuxrBzZgJmsuP3Fh6S6XWT59kR7ChyoZCyJRaFGFNur6o_R4TNE...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4MzI3Nzc0MjM2Nzc5MzU3ODYxNg%3D%3D&google_push=AXcoOmSN1fyFoz-9g4UYme6kKxr7hjr9nmhmiCLmrVWZLaFzRuxrBzZg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4MzI3Nzc0MjM2Nzc5MzU3ODYxNg%3D%3D&google_push=AXcoOmSN1fyFoz-9g4UYme6kKxr7hjr9nmhmiCLmrVWZLaFzRuxrBzZgJmsuP3Fh6S6XWT59kR7ChyoZCyJRaFGFNur6o_R4TNEPWpabXmSuo_a2DqByQnubVwA1EcFuGKgjzrMU7MvA_quONi4PZ3l4DdI
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4MzI3Nzc0MjM2Nzc5MzU3ODYxNg%3D%3D&google_push=AXcoOmSN1fyFoz-9g4UYme6kKxr7hjr9nmhmiCLmrVWZLaFzRuxrBzZgJmsuP3Fh6S6XWT59kR7ChyoZCyJRaFGFNur6o_R4TNEPWpabXmSuo_a2DqByQnubVwA1EcFuGKgjzrMU7MvA_quONi4PZ3l4DdI
date
Thu, 09 Nov 2023 16:01:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 3648
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOnlvfDsSvJ5dO7-URfA2KE&google_cver=1&google_push=AXcoOmS1vNHmSgJTf2_-6lDIjkXD3eWPvXk3Q10loxAsI9En2thIls42-bM54uCohpCpCDuoPs0BBAGAHW5LQJSd5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ODE5ZGExYTctNTdmMC00ZjRmLTg5NjUtZWEzYWJhMzU3ZGM5&google_push=AXcoOmS1vNHmSgJTf2_-6lDIjkXD3eWPvXk3Q10loxAsI9En2thIls42-bM54uCo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ODE5ZGExYTctNTdmMC00ZjRmLTg5NjUtZWEzYWJhMzU3ZGM5&google_push=AXcoOmS1vNHmSgJTf2_-6lDIjkXD3eWPvXk3Q10loxAsI9En2thIls42-bM54uCohpCpCDuoPs0BBAGAHW5LQJSd50n-ao2QgnlXw5eWarVUGP5wrAqEfAxMDgwWiGYzMu4SjjH3Q_auhaDW31dReGsYrnO5xg
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ODE5ZGExYTctNTdmMC00ZjRmLTg5NjUtZWEzYWJhMzU3ZGM5&google_push=AXcoOmS1vNHmSgJTf2_-6lDIjkXD3eWPvXk3Q10loxAsI9En2thIls42-bM54uCohpCpCDuoPs0BBAGAHW5LQJSd50n-ao2QgnlXw5eWarVUGP5wrAqEfAxMDgwWiGYzMu4SjjH3Q_auhaDW31dReGsYrnO5xg
date
Thu, 09 Nov 2023 16:01:07 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3648
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESELgRMkt8-mZaVd6Esdph1rk&google_cver=1&google_push=AXcoOmQsAtRw_Z8Zv9kUzJZVlwGqgut0pXf55ClZKtrefFYldR-dYKMrrGaD0VJbBFWvjsik52rv0...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESELgRMkt8-mZaVd6Esdph1rk&google_push=AXcoOmQsAtRw_Z8Zv9kUzJZVlwGqgut0pXf55ClZKtrefFYldR-dYKMrrGaD0VJbBFWvjsik52rv0...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQsAtRw_Z8Zv9kUzJZVlwGqgut0pXf55ClZKtrefFYldR-dYKMrrGaD0VJbBFWvjsik52rv0bWM1SzU24NKy9XbRXF1AyK9Eg-khL42S_gcVYw7scOes1MrR4h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQsAtRw_Z8Zv9kUzJZVlwGqgut0pXf55ClZKtrefFYldR-dYKMrrGaD0VJbBFWvjsik52rv0bWM1SzU24NKy9XbRXF1AyK9Eg-khL42S_gcVYw7scOes1MrR4hX0NBY5nXzIyY-VwaPD7Y3_7aYEEq6&google_hm=dVFvdzNPWWxhMDlaVkp3R3NWQUE=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:01:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQsAtRw_Z8Zv9kUzJZVlwGqgut0pXf55ClZKtrefFYldR-dYKMrrGaD0VJbBFWvjsik52rv0bWM1SzU24NKy9XbRXF1AyK9Eg-khL42S_gcVYw7scOes1MrR4hX0NBY5nXzIyY-VwaPD7Y3_7aYEEq6&google_hm=dVFvdzNPWWxhMDlaVkp3R3NWQUE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
296
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3648 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IanSVqVHuEVB3lpnTRjQ5Ai6fyV-kO060LjldiO6mylLx-VDAwx_l9UrpasgS81qxrdBp_iJg
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 136E 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9381953852812&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 136E 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9381953852812&version=m202309260101&ct=119&x=1&cor=12964468369009750000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 136E 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRXt5_ZMD-3gt0FWMAeLL-ySozZrtaVX_hQKOlQ4K111ib0aHhG6mTsDbAIbqZldlOZNJqraleJYzZs52GcLC3KifudhWm29mFBx9oX_y0mzi-1qiuKWytfVMUV7IqzdGLZVwGZG3P3ME3JgIItbEJ5mQ-rbsgHKUwY5wKN3c6KXub9Ws&cry=1&dbm_d=AKAmf-D4xoAXLtuF-L45Gp9lcDr1nYnPJd1_qSgCE6AqVVv7afb94zPLIxwt4B3bIjKz_eVo0tvzK14vkLS4bq-1WuhTD5GYh9SQ4yLICuG_r64sHvF1D6EJEOG_gjqZlYje26M3zcqCfuz6VUtZxduiz3I-vbIfs1kYSI5yBdAZjxZFvVGHJ4zwILCxiyWWo3oKlhDD9pHxUE1opBoBKZYGuFNGvz7zxD0qac_jF7saIlzpcp0T84xdMhPYAQdg7nNZ8g6Agk3sNiomaVdwTfmBWUwZdPJgEmckkrI15NnPmOj_iil5fTl-UTqHmgRzVWfeoQERQHDCKD78vMmFPvMZ-KEVQ6ACIyDF6M5qyQzGtzRf9VLm_Xg9LcC6GxJGn3ZYvsB1oaUPP8YPgHFJ6mvPV4uau0UpEX79bQPWcDnzvATRJpflVc5EuJpg2aGEaIyGVh8Shlu9VBmeD-Qe4v5iXI1TN6gdkSguBzY1bRHMlnw-etRULMXNac1PO6NA81mmhsxuBh9j9CfuseTk_BluBxwUbVWbkCwhdWZPudQtWvC2VW-iBh9wiqfFGFDJBo2VigeEgprmceq4xCrkvUpJYepxYlwlGRCojJ1FpB-gHES5yKmw-3ABRLSZ0I0CL-3BzItCUxo7CjXaZOkl_uhJMNY4cpKG3uGy4l3mARq--MjHlbvM-5RF7q7h0ga98lxNmj6WvtRfZzvtAlZfuPq0qt2hxa_TQX5Z3-8ccfsKzQE0KPqN5kFkr_EDp7wsHagcRJHc8iqjls4qqy6IP2xwEtyMi5NUs4t4Ty7Y8VXAI8aLyS2hf49xc6USFcLArWlUDk1gVLfn3sMAYuxzkOTtd4CPoPr7TVKfbcbEpjAywKvctHbsiK4N9_APZRH1lwKzm0hV4KhhdjeEXjOhGw4aLCRufSuOfJ6yAi--ICzRbeVysyZjSnAClt7LDhGYdAi1sfJV1gVe49KEL7TFWRifl9YS9En97Ji9n8f1-9OJ--BoMPN8HQELr2PWR8jugTUIuc4R__yldTIC4JtejQej0KHx4PftsdYRNFmeyWgTRBPDb90F6VGe9U-XPm3UmgeXLjBPBpOYx_PFtJLMAF9h-dZQYxljqpT-FSRvlfWWPF0l2Ia76mD35d9xzD9qXnJRv9z25_hxbfGoZM2i3XGl_FRPxzdCfJJMbeyuBW1e8lX8KMTemAQClIHv--mNRJAkSFQJjpAabFrM-BK_fd8pu4crFuHgY2CU0qMZVJDBwe1RzZ110ARk2zyR8py8L_Um9SN_8mdTpUQemjnzaHnsbXqBhgs9qtrTMxhEODWGj6MFM4WTzAzaVHjw6K3K7ksj7T5W3ctYNdrHSs1p7TLx_jpdvTDQz3VT_Hl6SaE-oOo53Beg5_mfPD1BDavKmjoFtxz7XThvSljoE1RfOQg1R30ivGPpmASx9WrLafOiPXZQMcpBH5T-UBeRjyZpnuPG8OCagnO4OXae-hks39sLw1Wo-z2giEs7eeux5cU8IzIYYYGDu0KYQiAXvzcWbbJrHBRH12zvWRC5VtCrVcaD4FfAhlvQzkCfQ0FMWTOxwrvGtPOL3sghOAE-dk0m8z3pVi25Fw-aKmgiUrEJUgBohc0Gy8ho5dmf6KjVSPpZDa15baljmSAAr79AHfZUTRZcpJRlsNBoS-Y2XqDakv3U0JfO5zB7ztl4WgoXUSAgInNQd9bQtyLiGJUK2JdrewNKYpRfIRIVni8OkFcrylXROTTJOda5Tp8eUZ6ZONvgFDF7ekK-_818aWwv0hd_m0FRE9C5Q-A9KC2jtov5aIRL821L5ewluuDRhAT7nQEWoYIFY38bmj17fzEjQ04enN3bJ3e4SbYqpz-j3f8GyE0E6TJCqE_P1h2AZNtkvu1Daisvca-sEzWqu1EYECytfQ36NoTLzPU8ZM2ZYFxf768RHEH0F3UrO7DCM2AT9SevdvuMbwKGjcbQbJg_bklGjO3X049i7opibrs6YUAsxXmeN4UDu0w6486AMhWyu1Oxjsci_c44mAW_NFwvmPOq1VgTznWXAr2DymGEoCsXm8jPjZ9EK_9_NooP5il-EvFvBdzVIwXFE3vTFonK1QXlgusHgrHSdAimZtwRSdIYEKiZ4B-Mvnu3G5g7_QgIg4jzbTxqMBRV1v2jEv7iMKNjPmVK5DAzvB4irnKSYwXndlii80Q0rsecTeey5TK_RLJhXhr0LuVmWb1ZTZWYS-H9Ad0Uww37CibVcNFTVgs-tqOwKXNpFI_IhIc6mLE1h-IXkb5sfs7DYFfGBO_rolRyKZ1flYNBuUUzyoexJ-DFSNfs_xf3rkMVDdlXIH7kq6xfTuyj-CW8k45cM9yl40kPxgQ9lGvdnTxqCQhM9pxYbZWvzZCA58uFoWfeoi8CszYnhOLJMRUCkuDpRtuJo-GTANe8Gd9wLk9XmN2Kjci9UaU8nqbFERqjl1JK40b4JvwE0FIKvByrQ24pSVth_yBOM0y7_BCWj8S7SdGoEPK74ebn-eZ4dL0bhuoFs9QmZ-WCJDmGfxBEmXYc9EOcFZpM4qTMzyT7TJJtxqKCiisXPj8YD1u2AClprkokqWdxGfYamvh-Jf_UnhfSUZSHFXdRuGCWNisxQpCiOpqPvVhol6hPH7MGwycB7djoGuPrj95xJM3BDKbhlsyHjkjOmzhg_RYhYGWhTIQOs5OXPu3mIy9kl0rYNqaXKbxiYwHyPiLcC9UHQE7lhRRcuLPUNZWZVs775k1cHiz-zqTckPuWjXGio34YysT9rcFp8ofSmy4VowvXuVM4nfP_LyJHJx4l9Fyj8kHEV9jUUwo-nI3n_IvcvDSS92rULn7nmJhVvwjuJmLopwCwVq-2_GJ9NKvDWTtWMQPFK784YTomjJ6CM-BLfE6v0XkdzrdJtUXgTXWL5sDNJMvFv-qU_AyVaXCEF8nJLp9WyXRSVwFHlwjmpPNYp3hyFdy6HxDBAOx9Pes95HX_GFelgL9wCcxJ11YQZeRp9hpVBF-CU4bAMOK4lvHsCkUgFV2vUWXypZZGwyHbjp8uDFrtYP-0qu9qfcsVUK8zS8kh3Vd6Pyy7zp47YVwUd5w9mDqFRf9r6D813EGTmy1Jqx9xTOzXKBv3qGPowfJPI1VFSrkXDJGeKW3mdfy8YbLkt06F5TfbaBTZ6xz71cbfVJ-FTh6F7JSep6y6r_ltzXw_rhb6XysWTlR3gTCWpHletrymQxkdVeJBOz7YCq23VnjY-t8YoZPbCue6ZcYY4PW_EYbyJYp9E1UB5MdC4BY-9GWmxDW8n5pYjRm4-HwkAz9Dq0mRxjeSGAC7C4qrauyAEOORjJvl8ZLJw8f-_0vJcYKmd3sl9T6JmB0mqrif8-UdZZYSFLkxuokERBnicLtB6oLP71benZYHxNz0ncLwovK6we2YFDEU04-aOGzpW300PL66LY0tDT1Er6H-jM9Jx7Fhw_zTo3ABROBnM1kqftTPeCJHttZ_RqU9fQpi62xvRc8ik-h0Oa_8IkRDRizsyTcqLaRTOJulALCKrc96xBq3FeJ3txQoCQqvPo7GPCViZt6LND2XoBpen14NFffE73TAmPbvnZj1xdhXI0KeyFhJ9c2YXxteJ2XzFbcH--7dIO7U524TAOoAI853cAYnxibAfjq-6PCz1jgCfMMxBoaQs9eJGzZr7BiMhT7f4_oTJR2T7A3oLLuejDoGWQxCRtZ1iamnOxsKwFIiCmdwyYt3oUC1tdoiRdHq8WKd5GmMiqg1mi1wunjMHy55QE10XvSq6BYh7AK7B9yvlFL9iCRqug&cid=CAQSOwDICaaNF6LUOmTfrsyMdL5SbWjy_LhD0h8nonOi-rRUZUnP0CSFp2d8RGge7H3Nv_XZMggxdFaq7a9wGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com%2F&ds=l&xdt=1&iif=1&cor=12964468369009750000&adk=2228999115&idt=161&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
2d3c0380882f972a925d968508d24712258b0101229d2610dd94060ef437671e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38804
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/5581059628650725376/ Frame AB0F 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
617305a5e9d96e9b88a4561e9d034d76d5209d5eba40c87347ea89cac307a800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1550
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:07 GMT
expires
Fri, 08 Nov 2024 16:01:07 GMT
last-modified
Wed, 01 Nov 2023 20:51:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0F2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxoXH58UHut5uNEwGI6trXOCTdMYCyIwA3aynTeF1Zal-IaNwEsGxmADQBi52arqO5jlMfOkZKTXG_Uns3GlZ_OCrsRSkNfzhD2PqFVGRIjDOdVKQyTKNH0aHXScRgg7b-dcNj8_10Okex-Hqz6RoBrQE1zUm7pkf_SyodVOiOJorGAxmexE4gxGA--nTO-dhTyiQZY46cSUGM0SHMqwNszBMtELsIAR3dYRSqpszAmefwiz5_KcD77sGJ-lioNR6V6RuvC1CP3YtwHxpWZWpbx0xey-6m_OhRVgcTlYcbmF3j8ifi7IoXqBD5L5MHhAZnvXRaTF6TMAqc5thMNbZA6BnlndF5XizWuRlzYDbe8Y_sJK7pFPPTL0Kxj7KKFR5Ww33Oicyo5nexbfGpVacuJN2ThNs-vKnMdLOsrxhoeVwkWKHzagGlyg_1zQ13VGjq1zqCexfdMjNMUWQZXEz1g36ydVK52jfFSYqY4jPaeWFn_wDdowNqW9koiDH1qY8h30Q0CLGNekYyFV5Fj7R_4i0-ZJv-SIghwrwAt2TT2OHA53019zvfkqiKszxMz7yHFVjGfJ5XSCdhEV8sFUfbXPNf48udTnC4Qah1vHEvyDaEXD5tHAYiSYDaoLDMrjz5dmrg0W2I9wCNPjTD0KhSYteVJ8pACDELoCWCEM-maww3jvfVihpmY0nfzL8hvS0y4lrSz6YWd_ppZismkqKyC6axL9xxpn2e75b_wtkFxpCioU1zXuMWAB81L1u5Dksqy_aC7vk33Bk3qwDSu8r8KKuCJXcpeUncwTGaxEHJORmupF_-I9zZO6wOBMNYQrMv8M5d9lcXCUe9YuOoObOuuPPbjMBMCuzLkibByxiCLEo8O3vZBqURGzyEFkLsxsDmsJJ0AcutCMxh3FwkDFwblduuakAV89QJPZmht86Tqn1ZUHJtaOpJ0DZvikMxoCi5HksHC3EIaLHdNa03cHpNEHQQUJo9-q9-8N0RRh3jDjHoRJU4hvBRdqe5Dan5V0fHzcRtu_eMWhoA04njHdULpKEuobGa7u9TpyvqCdxeTNuhdMXsRYX2EkkGgSG1O1KB4J94TMvJhpKzPrpL_qKM1v41dIy-NkSdd4j2L-8iQwSoWcXQ6jQVDJbV6LdYzg8YgGZ3ZgyPVBx6Yc7yMRpnRXOd23sI7WAj0PSp0Hzdsjq61D0zKpgVX1u-iJmhCDhhTlIr3BdBr2ldcxaJAu0Rp19JPqtM-PYl_hC-5WijITSoXhBPYW5M5JuhRQU9xGV2J00hw8J6JodwjTWv1F_teNChFauEZxwMcF8OFdTsnfiXVJlraqC-DJ17wuPkyjmF6TGhHQsInPvYPfb-WwY4W3u9wt3KnF5p77UhSQPmW8JJOrYERIOE07mGCA4a5LXTgJLZDQUwXB9xd8JzOLE8MJIJVn0&sai=AMfl-YTq2fOsY4-a7--KPSXLLkN9E848j_UOoQO1E-xl9-_ARRVDEr2lvc_kuolh6_PDoiif0lHXGIFowAbEer2C4ybnms4YjJMiKY2pK_YNa25uiZReYQj9_Oj0mWIZ7djZbz9LvTPvF166xK9Q_70PZ1irEpDdGG434PgaR6sAjj9AlhbF8SGNvBiGenImn2AW79OR-uP1jauZwMHxwRuf-GOaSkgJaXrptfigpmzrskiG3ROx4zbnCo0sN9kI94MKyJbhaOdqEDspNahg1qJKW-nuHyNwp-DnER5rlECgcHPW7aexWmWc7dVt_YO8rNJaDAxd6B3qTJZ8QHx6uL8sYG3GupFJjZ8ViktPnZEmYcYImq5p4SzCGFvBeeM6sLEKmQhrs_IEp-3QxN48frlaOcPQ&sig=Cg0ArKJSzJckq0Ks4-cKEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=173&cbvp=1&cstd=163&cisv=r20231106.22433&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
placements
mia-placement-server.rubiconproject.com/ Frame C43C 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/placements?location=https%3A%2F%2Fwww.thestar.com%2F&publisherId=62019&size=xl
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.202.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-202-190.compute-1.amazonaws.com
Software
/
Resource Hash
58712d0ecb9172e49a0868a4369b34210752e14c62cb4a279c48e41f6bbfd3f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:08 GMT
content-length
1043
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
truncated
/ Frame C43C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bd5379e2ae6334835fd673237c31ad2cd14fce6b3dc02c99b7205ca9556186a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C43C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqaN2MalTGqeTFZJDP0UDhGQYZYbBnOeQQRKprqM1O2OAHJ6EOni8nzNRM7FBOSIhPSfcZOzcxzc8GVYD2WMfQIFFJyeLu2q7tCNTcQWXzHlp3B9T893-dagHmE7qqiFkTI6IRHuDW-oM7XrMdNLgspZUrtzhLMsyeesPgZfLJwqcl9RsBPQlGtUVOZblJPuLKKjc2Yi0AugKNmreHTw_7ZZQQMZc6WWB750uAgu5JcEJ3k1pm_ye7S5Hzumm851WV-2-cgWeiUBOUQ4N_li0jvPy8_agtnwFj_r7Op4iBzGcGxlJ7BtrvEZ7j8c75J3-4VSrKOAA1748txXG0&sai=AMfl-YRmeoxY6JitzDb2TqCZ2g7ZPK7eX3tqknDTyFeWPfpiLHbrjm532mdnvNnHUH6rDSRx91qroyYjfVZwQ126Ut4JcMKg-sRU2IqbQkP5eREtOF5ddfLu4kMjvAOJ3g&sig=Cg0ArKJSzGhWq3UB0GzUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 09 Nov 2023 16:01:07 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 136E 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Origin
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:18:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 136E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRXt5_ZMD-3gt0FWMAeLL-ySozZrtaVX_hQKOlQ4K111ib0aHhG6mTsDbAIbqZldlOZNJqraleJYzZs52GcLC3KifudhWm29mFBx9oX_y0mzi-1qiuKWytfVMUV7IqzdGLZVwGZG3P3ME3JgIItbEJ5mQ-rbsgHKUwY5wKN3c6KXub9Ws&cry=1&dbm_d=AKAmf-D4xoAXLtuF-L45Gp9lcDr1nYnPJd1_qSgCE6AqVVv7afb94zPLIxwt4B3bIjKz_eVo0tvzK14vkLS4bq-1WuhTD5GYh9SQ4yLICuG_r64sHvF1D6EJEOG_gjqZlYje26M3zcqCfuz6VUtZxduiz3I-vbIfs1kYSI5yBdAZjxZFvVGHJ4zwILCxiyWWo3oKlhDD9pHxUE1opBoBKZYGuFNGvz7zxD0qac_jF7saIlzpcp0T84xdMhPYAQdg7nNZ8g6Agk3sNiomaVdwTfmBWUwZdPJgEmckkrI15NnPmOj_iil5fTl-UTqHmgRzVWfeoQERQHDCKD78vMmFPvMZ-KEVQ6ACIyDF6M5qyQzGtzRf9VLm_Xg9LcC6GxJGn3ZYvsB1oaUPP8YPgHFJ6mvPV4uau0UpEX79bQPWcDnzvATRJpflVc5EuJpg2aGEaIyGVh8Shlu9VBmeD-Qe4v5iXI1TN6gdkSguBzY1bRHMlnw-etRULMXNac1PO6NA81mmhsxuBh9j9CfuseTk_BluBxwUbVWbkCwhdWZPudQtWvC2VW-iBh9wiqfFGFDJBo2VigeEgprmceq4xCrkvUpJYepxYlwlGRCojJ1FpB-gHES5yKmw-3ABRLSZ0I0CL-3BzItCUxo7CjXaZOkl_uhJMNY4cpKG3uGy4l3mARq--MjHlbvM-5RF7q7h0ga98lxNmj6WvtRfZzvtAlZfuPq0qt2hxa_TQX5Z3-8ccfsKzQE0KPqN5kFkr_EDp7wsHagcRJHc8iqjls4qqy6IP2xwEtyMi5NUs4t4Ty7Y8VXAI8aLyS2hf49xc6USFcLArWlUDk1gVLfn3sMAYuxzkOTtd4CPoPr7TVKfbcbEpjAywKvctHbsiK4N9_APZRH1lwKzm0hV4KhhdjeEXjOhGw4aLCRufSuOfJ6yAi--ICzRbeVysyZjSnAClt7LDhGYdAi1sfJV1gVe49KEL7TFWRifl9YS9En97Ji9n8f1-9OJ--BoMPN8HQELr2PWR8jugTUIuc4R__yldTIC4JtejQej0KHx4PftsdYRNFmeyWgTRBPDb90F6VGe9U-XPm3UmgeXLjBPBpOYx_PFtJLMAF9h-dZQYxljqpT-FSRvlfWWPF0l2Ia76mD35d9xzD9qXnJRv9z25_hxbfGoZM2i3XGl_FRPxzdCfJJMbeyuBW1e8lX8KMTemAQClIHv--mNRJAkSFQJjpAabFrM-BK_fd8pu4crFuHgY2CU0qMZVJDBwe1RzZ110ARk2zyR8py8L_Um9SN_8mdTpUQemjnzaHnsbXqBhgs9qtrTMxhEODWGj6MFM4WTzAzaVHjw6K3K7ksj7T5W3ctYNdrHSs1p7TLx_jpdvTDQz3VT_Hl6SaE-oOo53Beg5_mfPD1BDavKmjoFtxz7XThvSljoE1RfOQg1R30ivGPpmASx9WrLafOiPXZQMcpBH5T-UBeRjyZpnuPG8OCagnO4OXae-hks39sLw1Wo-z2giEs7eeux5cU8IzIYYYGDu0KYQiAXvzcWbbJrHBRH12zvWRC5VtCrVcaD4FfAhlvQzkCfQ0FMWTOxwrvGtPOL3sghOAE-dk0m8z3pVi25Fw-aKmgiUrEJUgBohc0Gy8ho5dmf6KjVSPpZDa15baljmSAAr79AHfZUTRZcpJRlsNBoS-Y2XqDakv3U0JfO5zB7ztl4WgoXUSAgInNQd9bQtyLiGJUK2JdrewNKYpRfIRIVni8OkFcrylXROTTJOda5Tp8eUZ6ZONvgFDF7ekK-_818aWwv0hd_m0FRE9C5Q-A9KC2jtov5aIRL821L5ewluuDRhAT7nQEWoYIFY38bmj17fzEjQ04enN3bJ3e4SbYqpz-j3f8GyE0E6TJCqE_P1h2AZNtkvu1Daisvca-sEzWqu1EYECytfQ36NoTLzPU8ZM2ZYFxf768RHEH0F3UrO7DCM2AT9SevdvuMbwKGjcbQbJg_bklGjO3X049i7opibrs6YUAsxXmeN4UDu0w6486AMhWyu1Oxjsci_c44mAW_NFwvmPOq1VgTznWXAr2DymGEoCsXm8jPjZ9EK_9_NooP5il-EvFvBdzVIwXFE3vTFonK1QXlgusHgrHSdAimZtwRSdIYEKiZ4B-Mvnu3G5g7_QgIg4jzbTxqMBRV1v2jEv7iMKNjPmVK5DAzvB4irnKSYwXndlii80Q0rsecTeey5TK_RLJhXhr0LuVmWb1ZTZWYS-H9Ad0Uww37CibVcNFTVgs-tqOwKXNpFI_IhIc6mLE1h-IXkb5sfs7DYFfGBO_rolRyKZ1flYNBuUUzyoexJ-DFSNfs_xf3rkMVDdlXIH7kq6xfTuyj-CW8k45cM9yl40kPxgQ9lGvdnTxqCQhM9pxYbZWvzZCA58uFoWfeoi8CszYnhOLJMRUCkuDpRtuJo-GTANe8Gd9wLk9XmN2Kjci9UaU8nqbFERqjl1JK40b4JvwE0FIKvByrQ24pSVth_yBOM0y7_BCWj8S7SdGoEPK74ebn-eZ4dL0bhuoFs9QmZ-WCJDmGfxBEmXYc9EOcFZpM4qTMzyT7TJJtxqKCiisXPj8YD1u2AClprkokqWdxGfYamvh-Jf_UnhfSUZSHFXdRuGCWNisxQpCiOpqPvVhol6hPH7MGwycB7djoGuPrj95xJM3BDKbhlsyHjkjOmzhg_RYhYGWhTIQOs5OXPu3mIy9kl0rYNqaXKbxiYwHyPiLcC9UHQE7lhRRcuLPUNZWZVs775k1cHiz-zqTckPuWjXGio34YysT9rcFp8ofSmy4VowvXuVM4nfP_LyJHJx4l9Fyj8kHEV9jUUwo-nI3n_IvcvDSS92rULn7nmJhVvwjuJmLopwCwVq-2_GJ9NKvDWTtWMQPFK784YTomjJ6CM-BLfE6v0XkdzrdJtUXgTXWL5sDNJMvFv-qU_AyVaXCEF8nJLp9WyXRSVwFHlwjmpPNYp3hyFdy6HxDBAOx9Pes95HX_GFelgL9wCcxJ11YQZeRp9hpVBF-CU4bAMOK4lvHsCkUgFV2vUWXypZZGwyHbjp8uDFrtYP-0qu9qfcsVUK8zS8kh3Vd6Pyy7zp47YVwUd5w9mDqFRf9r6D813EGTmy1Jqx9xTOzXKBv3qGPowfJPI1VFSrkXDJGeKW3mdfy8YbLkt06F5TfbaBTZ6xz71cbfVJ-FTh6F7JSep6y6r_ltzXw_rhb6XysWTlR3gTCWpHletrymQxkdVeJBOz7YCq23VnjY-t8YoZPbCue6ZcYY4PW_EYbyJYp9E1UB5MdC4BY-9GWmxDW8n5pYjRm4-HwkAz9Dq0mRxjeSGAC7C4qrauyAEOORjJvl8ZLJw8f-_0vJcYKmd3sl9T6JmB0mqrif8-UdZZYSFLkxuokERBnicLtB6oLP71benZYHxNz0ncLwovK6we2YFDEU04-aOGzpW300PL66LY0tDT1Er6H-jM9Jx7Fhw_zTo3ABROBnM1kqftTPeCJHttZ_RqU9fQpi62xvRc8ik-h0Oa_8IkRDRizsyTcqLaRTOJulALCKrc96xBq3FeJ3txQoCQqvPo7GPCViZt6LND2XoBpen14NFffE73TAmPbvnZj1xdhXI0KeyFhJ9c2YXxteJ2XzFbcH--7dIO7U524TAOoAI853cAYnxibAfjq-6PCz1jgCfMMxBoaQs9eJGzZr7BiMhT7f4_oTJR2T7A3oLLuejDoGWQxCRtZ1iamnOxsKwFIiCmdwyYt3oUC1tdoiRdHq8WKd5GmMiqg1mi1wunjMHy55QE10XvSq6BYh7AK7B9yvlFL9iCRqug&cid=CAQSOwDICaaNF6LUOmTfrsyMdL5SbWjy_LhD0h8nonOi-rRUZUnP0CSFp2d8RGge7H3Nv_XZMggxdFaq7a9wGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com%2F&ds=l&xdt=1&iif=1&cor=12964468369009750000&adk=2228999115&idt=161&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
37769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 05:31:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 136E 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRXt5_ZMD-3gt0FWMAeLL-ySozZrtaVX_hQKOlQ4K111ib0aHhG6mTsDbAIbqZldlOZNJqraleJYzZs52GcLC3KifudhWm29mFBx9oX_y0mzi-1qiuKWytfVMUV7IqzdGLZVwGZG3P3ME3JgIItbEJ5mQ-rbsgHKUwY5wKN3c6KXub9Ws&cry=1&dbm_d=AKAmf-D4xoAXLtuF-L45Gp9lcDr1nYnPJd1_qSgCE6AqVVv7afb94zPLIxwt4B3bIjKz_eVo0tvzK14vkLS4bq-1WuhTD5GYh9SQ4yLICuG_r64sHvF1D6EJEOG_gjqZlYje26M3zcqCfuz6VUtZxduiz3I-vbIfs1kYSI5yBdAZjxZFvVGHJ4zwILCxiyWWo3oKlhDD9pHxUE1opBoBKZYGuFNGvz7zxD0qac_jF7saIlzpcp0T84xdMhPYAQdg7nNZ8g6Agk3sNiomaVdwTfmBWUwZdPJgEmckkrI15NnPmOj_iil5fTl-UTqHmgRzVWfeoQERQHDCKD78vMmFPvMZ-KEVQ6ACIyDF6M5qyQzGtzRf9VLm_Xg9LcC6GxJGn3ZYvsB1oaUPP8YPgHFJ6mvPV4uau0UpEX79bQPWcDnzvATRJpflVc5EuJpg2aGEaIyGVh8Shlu9VBmeD-Qe4v5iXI1TN6gdkSguBzY1bRHMlnw-etRULMXNac1PO6NA81mmhsxuBh9j9CfuseTk_BluBxwUbVWbkCwhdWZPudQtWvC2VW-iBh9wiqfFGFDJBo2VigeEgprmceq4xCrkvUpJYepxYlwlGRCojJ1FpB-gHES5yKmw-3ABRLSZ0I0CL-3BzItCUxo7CjXaZOkl_uhJMNY4cpKG3uGy4l3mARq--MjHlbvM-5RF7q7h0ga98lxNmj6WvtRfZzvtAlZfuPq0qt2hxa_TQX5Z3-8ccfsKzQE0KPqN5kFkr_EDp7wsHagcRJHc8iqjls4qqy6IP2xwEtyMi5NUs4t4Ty7Y8VXAI8aLyS2hf49xc6USFcLArWlUDk1gVLfn3sMAYuxzkOTtd4CPoPr7TVKfbcbEpjAywKvctHbsiK4N9_APZRH1lwKzm0hV4KhhdjeEXjOhGw4aLCRufSuOfJ6yAi--ICzRbeVysyZjSnAClt7LDhGYdAi1sfJV1gVe49KEL7TFWRifl9YS9En97Ji9n8f1-9OJ--BoMPN8HQELr2PWR8jugTUIuc4R__yldTIC4JtejQej0KHx4PftsdYRNFmeyWgTRBPDb90F6VGe9U-XPm3UmgeXLjBPBpOYx_PFtJLMAF9h-dZQYxljqpT-FSRvlfWWPF0l2Ia76mD35d9xzD9qXnJRv9z25_hxbfGoZM2i3XGl_FRPxzdCfJJMbeyuBW1e8lX8KMTemAQClIHv--mNRJAkSFQJjpAabFrM-BK_fd8pu4crFuHgY2CU0qMZVJDBwe1RzZ110ARk2zyR8py8L_Um9SN_8mdTpUQemjnzaHnsbXqBhgs9qtrTMxhEODWGj6MFM4WTzAzaVHjw6K3K7ksj7T5W3ctYNdrHSs1p7TLx_jpdvTDQz3VT_Hl6SaE-oOo53Beg5_mfPD1BDavKmjoFtxz7XThvSljoE1RfOQg1R30ivGPpmASx9WrLafOiPXZQMcpBH5T-UBeRjyZpnuPG8OCagnO4OXae-hks39sLw1Wo-z2giEs7eeux5cU8IzIYYYGDu0KYQiAXvzcWbbJrHBRH12zvWRC5VtCrVcaD4FfAhlvQzkCfQ0FMWTOxwrvGtPOL3sghOAE-dk0m8z3pVi25Fw-aKmgiUrEJUgBohc0Gy8ho5dmf6KjVSPpZDa15baljmSAAr79AHfZUTRZcpJRlsNBoS-Y2XqDakv3U0JfO5zB7ztl4WgoXUSAgInNQd9bQtyLiGJUK2JdrewNKYpRfIRIVni8OkFcrylXROTTJOda5Tp8eUZ6ZONvgFDF7ekK-_818aWwv0hd_m0FRE9C5Q-A9KC2jtov5aIRL821L5ewluuDRhAT7nQEWoYIFY38bmj17fzEjQ04enN3bJ3e4SbYqpz-j3f8GyE0E6TJCqE_P1h2AZNtkvu1Daisvca-sEzWqu1EYECytfQ36NoTLzPU8ZM2ZYFxf768RHEH0F3UrO7DCM2AT9SevdvuMbwKGjcbQbJg_bklGjO3X049i7opibrs6YUAsxXmeN4UDu0w6486AMhWyu1Oxjsci_c44mAW_NFwvmPOq1VgTznWXAr2DymGEoCsXm8jPjZ9EK_9_NooP5il-EvFvBdzVIwXFE3vTFonK1QXlgusHgrHSdAimZtwRSdIYEKiZ4B-Mvnu3G5g7_QgIg4jzbTxqMBRV1v2jEv7iMKNjPmVK5DAzvB4irnKSYwXndlii80Q0rsecTeey5TK_RLJhXhr0LuVmWb1ZTZWYS-H9Ad0Uww37CibVcNFTVgs-tqOwKXNpFI_IhIc6mLE1h-IXkb5sfs7DYFfGBO_rolRyKZ1flYNBuUUzyoexJ-DFSNfs_xf3rkMVDdlXIH7kq6xfTuyj-CW8k45cM9yl40kPxgQ9lGvdnTxqCQhM9pxYbZWvzZCA58uFoWfeoi8CszYnhOLJMRUCkuDpRtuJo-GTANe8Gd9wLk9XmN2Kjci9UaU8nqbFERqjl1JK40b4JvwE0FIKvByrQ24pSVth_yBOM0y7_BCWj8S7SdGoEPK74ebn-eZ4dL0bhuoFs9QmZ-WCJDmGfxBEmXYc9EOcFZpM4qTMzyT7TJJtxqKCiisXPj8YD1u2AClprkokqWdxGfYamvh-Jf_UnhfSUZSHFXdRuGCWNisxQpCiOpqPvVhol6hPH7MGwycB7djoGuPrj95xJM3BDKbhlsyHjkjOmzhg_RYhYGWhTIQOs5OXPu3mIy9kl0rYNqaXKbxiYwHyPiLcC9UHQE7lhRRcuLPUNZWZVs775k1cHiz-zqTckPuWjXGio34YysT9rcFp8ofSmy4VowvXuVM4nfP_LyJHJx4l9Fyj8kHEV9jUUwo-nI3n_IvcvDSS92rULn7nmJhVvwjuJmLopwCwVq-2_GJ9NKvDWTtWMQPFK784YTomjJ6CM-BLfE6v0XkdzrdJtUXgTXWL5sDNJMvFv-qU_AyVaXCEF8nJLp9WyXRSVwFHlwjmpPNYp3hyFdy6HxDBAOx9Pes95HX_GFelgL9wCcxJ11YQZeRp9hpVBF-CU4bAMOK4lvHsCkUgFV2vUWXypZZGwyHbjp8uDFrtYP-0qu9qfcsVUK8zS8kh3Vd6Pyy7zp47YVwUd5w9mDqFRf9r6D813EGTmy1Jqx9xTOzXKBv3qGPowfJPI1VFSrkXDJGeKW3mdfy8YbLkt06F5TfbaBTZ6xz71cbfVJ-FTh6F7JSep6y6r_ltzXw_rhb6XysWTlR3gTCWpHletrymQxkdVeJBOz7YCq23VnjY-t8YoZPbCue6ZcYY4PW_EYbyJYp9E1UB5MdC4BY-9GWmxDW8n5pYjRm4-HwkAz9Dq0mRxjeSGAC7C4qrauyAEOORjJvl8ZLJw8f-_0vJcYKmd3sl9T6JmB0mqrif8-UdZZYSFLkxuokERBnicLtB6oLP71benZYHxNz0ncLwovK6we2YFDEU04-aOGzpW300PL66LY0tDT1Er6H-jM9Jx7Fhw_zTo3ABROBnM1kqftTPeCJHttZ_RqU9fQpi62xvRc8ik-h0Oa_8IkRDRizsyTcqLaRTOJulALCKrc96xBq3FeJ3txQoCQqvPo7GPCViZt6LND2XoBpen14NFffE73TAmPbvnZj1xdhXI0KeyFhJ9c2YXxteJ2XzFbcH--7dIO7U524TAOoAI853cAYnxibAfjq-6PCz1jgCfMMxBoaQs9eJGzZr7BiMhT7f4_oTJR2T7A3oLLuejDoGWQxCRtZ1iamnOxsKwFIiCmdwyYt3oUC1tdoiRdHq8WKd5GmMiqg1mi1wunjMHy55QE10XvSq6BYh7AK7B9yvlFL9iCRqug&cid=CAQSOwDICaaNF6LUOmTfrsyMdL5SbWjy_LhD0h8nonOi-rRUZUnP0CSFp2d8RGge7H3Nv_XZMggxdFaq7a9wGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.thestar.com%2F&ds=l&xdt=1&iif=1&cor=12964468369009750000&adk=2228999115&idt=161&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:23:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
38232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 05:23:55 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 136E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 15:31:20 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame AB0F 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 15:31:28 GMT
gsap_3.8.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AB0F 		62 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.8.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25068
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 20:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Nov 2023 16:01:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 660D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37256
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 05:40:11 GMT
etag
48472445140208031
expires
Fri, 10 Nov 2023 05:40:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 136E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25ea521cb3580e57b11ff127db82ccaba78a9538a4179ae6705a935fd34a03b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/16724850497217672109/ Frame 9856 		86 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
405c4550c8b2401dde63474ed294096f926f4247df590187152a808ddf7dfc22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:07 GMT
expires
Fri, 08 Nov 2024 16:01:07 GMT
last-modified
Tue, 07 Nov 2023 00:06:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 136E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAgq8bVuUpIexwSt-Mgo02ucv2zGorfAkJmIuRlY6Bx7BCeHYcqI_zedl3dA7chunAoCEnUg2L8hcxCDMMoxlYNr4jM2ossZyzBqceXMRoVo2exeWRdasn7mdqeiAjtFwXszucyAUb327g-Ecw63WxGvYvaj7DUa2m84NUi7V1O3epAfsAQZndc33cVc7RPmm1ZTTaeKlgVexNOYVrsoEKjPAvc2SNWf0jxFJ1NGMSdQyOPw8ECV7WJzQ2F0T-ViSrCInLnvkL7vd2ZgwoFyi0qYRSTVpf7PRm5-jOs_Ox5g5fzrxM77zkuAh_NtsjKlfJan8_rSn4zRqaIN2TNgldbsMt_Sheb2LdngEC8GsFJHcWtk-qACn9KIF4ccXxHAfLqt6_fsL-jaHyo-2unbpLaL5KoXgBSpOr7nW5CiQyG1TIBqBOyi5vRMr5WnR0MkVYVbOqXACAiKbHJX-Y8jDXcjuJ4uCfNGLI33nUdpmtM58UkS7zbIZ4hTZUBxw1Im7iPUlcW8Aob0mJ1pq9RuSqkOsfdKDJXnUFedcrdZP7G90RrCr2prFm7zZLR1lZ3YWZa--L6DYy2z6mW4Ulu0On6SnenvuunuJ2x89AaZotrknKVA69_nP5k4jKINBMkWMvLy3PJtClj2yFY6ej0eWuxSinx13zGGzhRjeUyk9K8o3FTpWotivXGnJS624QYy1fCGdkouShm2q8pFXGCmwsztl6AqPCK5IOAOzc9-Hk3G7SLizVxEItPOMvqwINkV1w56lmcuJC9p7E3EMRdYO_DWjNdLt3ojKdH3BvUi2S7mUnJi36fl5C-lYhzpBGXrAsgXnUOiP6j4liA8DYRlUnduvgQ5fWnfO0jNtOzW-nwJmb5tzepd0gWSEpzhHGkBbfpm3_UNNssfMKqWhlfRPrdnjMT-YWBTjho6ATrHVc-I4pSNxhIGUPIn9fazB4YsAX94LyKbT9kd0kLGXptaf01AWXe0MrvWe09lIDMDd0FjY4PP1d5x2OOkdCZthiDA1MrQ7s5JpkA0pIEwvzPRUGArl-eRDmcBnucbDAJu6Te6a5IlepgBHHRyu2FHnNbDG2XgwTjHbbL9nvKiU7Ypj0H5S_tfy2EQ2zysT-Zb2DIZjyEN8bhfBoGQD-a2FN0AT86bIitnhP0OTOZon9bbPUW3iaRwhDA37bOF9JryCTZIwVjeftWUQlDEJLwuISoJUVofkEzJFbJHbtp6JbuWsgz124K7BSu1bkq1yHjCdsFPTpv4Z8K585Q5SAVGK_KMq899M5MdBIibyJq9TPDVl65Dd_eKQ0Du77QNr6nSQM4N-YRE7rLa5G5KItJyy2fK8_ypBkKxEh2UaqUurTttfxssQ0Kcxsn2tdOGeNwkZnvWLS6OEEVQcb7fux-0c&sai=AMfl-YR5GHlEydAQaWqgl3itXL0-t-uQM1dlFpv-SNq4Ydw4wHmgCVv7b3DEMU7WETkLoCWJ8Epq_FXKEHenG4X5sNyhiEsqvn5-Pm6iMfMltYm2YXuT_4GoJw_FdKcy2lB2FyJJ28ggsuy7MoIk7Kxo5kBKo6NgupkrEthrTCuBQZbPSao4HS_SqsgS-7TFxuxIUx8O_5gCuzBL5NWsIgtz6aqBKKSG0AQMCYZk4sHMJbe58aZ8VeU-btNGOUr88EACiB2K&sig=Cg0ArKJSzOPuJZHgu6QvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&cbvp=1&cstd=85&cisv=r20231106.52892&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 0F2D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71f58e08e6564339f6d9cc1d9cd4af8950b7598a4f94733edf1fe6058acdddb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 660D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlUwQ1FBQUFBRG1BVUFOdw==&google_gid=CAESEJyX5WgCKlooJNihJb16HTM&google_cver=1&google_push=AXcoOmQJ1Q0gG2ZsPC4V48Dehc6P0udx3z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlUwQ1FBQUFBRG1BVUFOdw==&google_gid=CAESEJyX5WgCKlooJNihJb16HTM&google_cver=1&google_push=AXcoOmQJ1Q0gG2ZsPC4V48Dehc6P0udx3zomoMciQjBZHUZED-MDHIKRdMeAc8-TGOBE740ryj6SfQSZHRMBNv6tm5CQhH550urY
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4536-YYZ
pragma
no-cache
date
Thu, 09 Nov 2023 16:01:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1699545671.994974,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlUwQ1FBQUFBRG1BVUFOdw==&google_gid=CAESEJyX5WgCKlooJNihJb16HTM&google_cver=1&google_push=AXcoOmQJ1Q0gG2ZsPC4V48Dehc6P0udx3zomoMciQjBZHUZED-MDHIKRdMeAc8-TGOBE740ryj6SfQSZHRMBNv6tm5CQhH550urY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 660D 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEXJOyEFfvCNcKhrZH7eg4k&google_cver=1&google_push=AXcoOmRBuh-1JFkpF29fCvtP2fbuBFdO54wdC_zrt3F1kSr-9HFJswycUaw-VTEaGkB9cwNmZTpYEjgdD_z4VOv2-f6wmxr8vu8
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 09 Nov 2023 16:01:06 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 660D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA_c-eawUnA9JLdzAS52gFQ&google_cver=1&google_push=AXcoOmRcyyHPeFBlaHf4d5030pxUvFGoiou2WfX6xU2FnG0PNSiTYvNPP3DgkVIhwULqaR7_lAN...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRExZSFotMUwtTDlaSw==&google_push=AXcoOmRcyyHPeFBlaHf4d5030pxUvFGoiou2WfX6xU2FnG0PNSiTYvNPP3DgkVIhwULqaR7_lANrLspLNtPjDqlKK9e3Sx70j8Yv
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRExZSFotMUwtTDlaSw==&google_push=AXcoOmRcyyHPeFBlaHf4d5030pxUvFGoiou2WfX6xU2FnG0PNSiTYvNPP3DgkVIhwULqaR7_lANrLspLNtPjDqlKK9e3Sx70j8Yv
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRExZSFotMUwtTDlaSw==&google_push=AXcoOmRcyyHPeFBlaHf4d5030pxUvFGoiou2WfX6xU2FnG0PNSiTYvNPP3DgkVIhwULqaR7_lANrLspLNtPjDqlKK9e3Sx70j8Yv
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 660D
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEBbEYmgNMJH-OnWF-iGvEtw&google_cver=1&google_push=AXcoOmSN5NW9-BcMkt5nTfnEgxX2YUsgwLUr74hlT8jzTl5784i8EsxhWZCOs9SE2qRIvss9tVm_DaQg7X9G56Axv7VaruiOmKEZ
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmSN5NW9-BcMkt5nTfnEgxX2YUsgwLUr74hlT8jzTl5784i8EsxhWZCOs9SE2qRIvss9tVm_DaQg7X9G56Axv7VaruiOmKEZ&google_hm=aaab324b61297eeb30e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmSN5NW9-BcMkt5nTfnEgxX2YUsgwLUr74hlT8jzTl5784i8EsxhWZCOs9SE2qRIvss9tVm_DaQg7X9G56Axv7VaruiOmKEZ&google_hm=aaab324b61297eeb30ef6babcf1565e1
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmSN5NW9-BcMkt5nTfnEgxX2YUsgwLUr74hlT8jzTl5784i8EsxhWZCOs9SE2qRIvss9tVm_DaQg7X9G56Axv7VaruiOmKEZ&google_hm=aaab324b61297eeb30ef6babcf1565e1
date
Thu, 09 Nov 2023 16:01:08 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 660D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEL3RL0_qmScUcO88ta2ZY0Q&google_cver=1&google_push=AXcoOmTToG_eXnLWpQGEjEL9NMZbdSGCmvDPuyZ_vw78AJXClLvWTiYSi_4k42FtueSuKHKzVPUw...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEL3RL0_qmScUcO88ta2ZY0Q&google_cver=1&google_push=AXcoOmTToG_eXnLWpQGEjEL9NMZbdSGCmvDPuyZ_vw78AJXClLvWTiYSi_4k42FtueSuKH...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=qM0hMZseTH233cK5gs2e8g==&no_redirect=1&google_push=AXcoOmTToG_eXnLWpQGEjEL9NMZbdSGCmvDPuyZ_vw78AJXClLvWTi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=qM0hMZseTH233cK5gs2e8g==&no_redirect=1&google_push=AXcoOmTToG_eXnLWpQGEjEL9NMZbdSGCmvDPuyZ_vw78AJXClLvWTiYSi_4k42FtueSuKHKzVPUwR3lSxQjQ9tzFB1ViCrLFz2FP
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=qM0hMZseTH233cK5gs2e8g==&no_redirect=1&google_push=AXcoOmTToG_eXnLWpQGEjEL9NMZbdSGCmvDPuyZ_vw78AJXClLvWTiYSi_4k42FtueSuKHKzVPUwR3lSxQjQ9tzFB1ViCrLFz2FP
date
Thu, 09 Nov 2023 16:01:15 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gobRedirectFromId5
sync.inmobi.com/ Frame 660D
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEB-k5mtHRYLXuoy_tU5phTA&google_cver=1&google_push=AXcoOmTiHhBcEjeoaE_THQMMQKwu7SzT5jV_xzSO1eEDOTa--abN8JdxF1JSjQirlCFPQ3Ik_Co8hRlcrBSoBlClA16izV9N836Zcw
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTiHhBcEjeoaE_THQMMQKwu7SzT5jV_xzSO1eEDOTa-...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-64feXG7jem6itz90iSgNIGbHPDeQm10Vt7LGlwuPqA&google_push=AXcoOmTiHhBcEjeoaE_THQMMQKwu7SzT5jV_xzSO1eEDOTa--abN8JdxF1JSjQirlCFPQ3Ik_Co8hRlcrBSoBlClA16i...
0
0
pixel
cm.g.doubleclick.net/ Frame 660D
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEMfrtUL_E2bPJzfh9d_vqkY&google_cver=1&google_push=AXcoOmSpEeioB6_LY_g9Hi_0LqdHz5ABy-xHz-g_v9Fk8FKUFwba6_viDM_IzxKB7g43xr6JJhdCUxnPqVRqsCM5vS2wl-fjO...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSpEeioB6_LY_g9Hi_0LqdHz5ABy-xHz-g_v9Fk8FKUFwba6_viDM_IzxKB7g43xr6JJhdCUxnPqVRqsCM5vS2wl-fjO-pcvg&google_hm=4df39c49018b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSpEeioB6_LY_g9Hi_0LqdHz5ABy-xHz-g_v9Fk8FKUFwba6_viDM_IzxKB7g43xr6JJhdCUxnPqVRqsCM5vS2wl-fjO-pcvg&google_hm=4df39c49018bf5b81a83pb00lordm0lt
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSpEeioB6_LY_g9Hi_0LqdHz5ABy-xHz-g_v9Fk8FKUFwba6_viDM_IzxKB7g43xr6JJhdCUxnPqVRqsCM5vS2wl-fjO-pcvg&google_hm=4df39c49018bf5b81a83pb00lordm0lt
date
Thu, 09 Nov 2023 16:01:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 660D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZ4zfMhpxopf3D8Q8R_mK3CuJvJEKTDVpySN6sUWQfApx2krIV62H2_9DfbwjY7uNg2ODRyK3z
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 9856 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 15:31:28 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F81D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 15:31:26 GMT
expires
Fri, 08 Nov 2024 15:31:26 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 03E4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 15:31:26 GMT
expires
Fri, 08 Nov 2024 15:31:26 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0F2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxoXH58UHut5uNEwGI6trXOCTdMYCyIwA3aynTeF1Zal-IaNwEsGxmADQBi52arqO5jlMfOkZKTXG_Uns3GlZ_OCrsRSkNfzhD2PqFVGRIjDOdVKQyTKNH0aHXScRgg7b-dcNj8_10Okex-Hqz6RoBrQE1zUm7pkf_SyodVOiOJorGAxmexE4gxGA--nTO-dhTyiQZY46cSUGM0SHMqwNszBMtELsIAR3dYRSqpszAmefwiz5_KcD77sGJ-lioNR6V6RuvC1CP3YtwHxpWZWpbx0xey-6m_OhRVgcTlYcbmF3j8ifi7IoXqBD5L5MHhAZnvXRaTF6TMAqc5thMNbZA6BnlndF5XizWuRlzYDbe8Y_sJK7pFPPTL0Kxj7KKFR5Ww33Oicyo5nexbfGpVacuJN2ThNs-vKnMdLOsrxhoeVwkWKHzagGlyg_1zQ13VGjq1zqCexfdMjNMUWQZXEz1g36ydVK52jfFSYqY4jPaeWFn_wDdowNqW9koiDH1qY8h30Q0CLGNekYyFV5Fj7R_4i0-ZJv-SIghwrwAt2TT2OHA53019zvfkqiKszxMz7yHFVjGfJ5XSCdhEV8sFUfbXPNf48udTnC4Qah1vHEvyDaEXD5tHAYiSYDaoLDMrjz5dmrg0W2I9wCNPjTD0KhSYteVJ8pACDELoCWCEM-maww3jvfVihpmY0nfzL8hvS0y4lrSz6YWd_ppZismkqKyC6axL9xxpn2e75b_wtkFxpCioU1zXuMWAB81L1u5Dksqy_aC7vk33Bk3qwDSu8r8KKuCJXcpeUncwTGaxEHJORmupF_-I9zZO6wOBMNYQrMv8M5d9lcXCUe9YuOoObOuuPPbjMBMCuzLkibByxiCLEo8O3vZBqURGzyEFkLsxsDmsJJ0AcutCMxh3FwkDFwblduuakAV89QJPZmht86Tqn1ZUHJtaOpJ0DZvikMxoCi5HksHC3EIaLHdNa03cHpNEHQQUJo9-q9-8N0RRh3jDjHoRJU4hvBRdqe5Dan5V0fHzcRtu_eMWhoA04njHdULpKEuobGa7u9TpyvqCdxeTNuhdMXsRYX2EkkGgSG1O1KB4J94TMvJhpKzPrpL_qKM1v41dIy-NkSdd4j2L-8iQwSoWcXQ6jQVDJbV6LdYzg8YgGZ3ZgyPVBx6Yc7yMRpnRXOd23sI7WAj0PSp0Hzdsjq61D0zKpgVX1u-iJmhCDhhTlIr3BdBr2ldcxaJAu0Rp19JPqtM-PYl_hC-5WijITSoXhBPYW5M5JuhRQU9xGV2J00hw8J6JodwjTWv1F_teNChFauEZxwMcF8OFdTsnfiXVJlraqC-DJ17wuPkyjmF6TGhHQsInPvYPfb-WwY4W3u9wt3KnF5p77UhSQPmW8JJOrYERIOE07mGCA4a5LXTgJLZDQUwXB9xd8JzOLE8MJIJVn0&sai=AMfl-YTq2fOsY4-a7--KPSXLLkN9E848j_UOoQO1E-xl9-_ARRVDEr2lvc_kuolh6_PDoiif0lHXGIFowAbEer2C4ybnms4YjJMiKY2pK_YNa25uiZReYQj9_Oj0mWIZ7djZbz9LvTPvF166xK9Q_70PZ1irEpDdGG434PgaR6sAjj9AlhbF8SGNvBiGenImn2AW79OR-uP1jauZwMHxwRuf-GOaSkgJaXrptfigpmzrskiG3ROx4zbnCo0sN9kI94MKyJbhaOdqEDspNahg1qJKW-nuHyNwp-DnER5rlECgcHPW7aexWmWc7dVt_YO8rNJaDAxd6B3qTJZ8QHx6uL8sYG3GupFJjZ8ViktPnZEmYcYImq5p4SzCGFvBeeM6sLEKmQhrs_IEp-3QxN48frlaOcPQ&sig=Cg0ArKJSzJckq0Ks4-cKEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=448&vt=11&dtpt=275&dett=3&cstd=163&cisv=r20231106.22433&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame AB0F 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
990c2778b0648232adba8272c8caf79bccd7b6a1d540a7396b75de0518eb660e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5767
x-xss-protection
0
preload.jpg
s0.2mdn.net/sadbundle/16724850497217672109/ Frame 9856 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16724850497217672109/preload.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 18:39:32 GMT
x-content-type-options
nosniff
age
76895
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2255
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 00:06:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 18:39:32 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame F81D 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:37:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
37411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:37:36 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 03E4 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:37:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
37411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:37:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 136E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAgq8bVuUpIexwSt-Mgo02ucv2zGorfAkJmIuRlY6Bx7BCeHYcqI_zedl3dA7chunAoCEnUg2L8hcxCDMMoxlYNr4jM2ossZyzBqceXMRoVo2exeWRdasn7mdqeiAjtFwXszucyAUb327g-Ecw63WxGvYvaj7DUa2m84NUi7V1O3epAfsAQZndc33cVc7RPmm1ZTTaeKlgVexNOYVrsoEKjPAvc2SNWf0jxFJ1NGMSdQyOPw8ECV7WJzQ2F0T-ViSrCInLnvkL7vd2ZgwoFyi0qYRSTVpf7PRm5-jOs_Ox5g5fzrxM77zkuAh_NtsjKlfJan8_rSn4zRqaIN2TNgldbsMt_Sheb2LdngEC8GsFJHcWtk-qACn9KIF4ccXxHAfLqt6_fsL-jaHyo-2unbpLaL5KoXgBSpOr7nW5CiQyG1TIBqBOyi5vRMr5WnR0MkVYVbOqXACAiKbHJX-Y8jDXcjuJ4uCfNGLI33nUdpmtM58UkS7zbIZ4hTZUBxw1Im7iPUlcW8Aob0mJ1pq9RuSqkOsfdKDJXnUFedcrdZP7G90RrCr2prFm7zZLR1lZ3YWZa--L6DYy2z6mW4Ulu0On6SnenvuunuJ2x89AaZotrknKVA69_nP5k4jKINBMkWMvLy3PJtClj2yFY6ej0eWuxSinx13zGGzhRjeUyk9K8o3FTpWotivXGnJS624QYy1fCGdkouShm2q8pFXGCmwsztl6AqPCK5IOAOzc9-Hk3G7SLizVxEItPOMvqwINkV1w56lmcuJC9p7E3EMRdYO_DWjNdLt3ojKdH3BvUi2S7mUnJi36fl5C-lYhzpBGXrAsgXnUOiP6j4liA8DYRlUnduvgQ5fWnfO0jNtOzW-nwJmb5tzepd0gWSEpzhHGkBbfpm3_UNNssfMKqWhlfRPrdnjMT-YWBTjho6ATrHVc-I4pSNxhIGUPIn9fazB4YsAX94LyKbT9kd0kLGXptaf01AWXe0MrvWe09lIDMDd0FjY4PP1d5x2OOkdCZthiDA1MrQ7s5JpkA0pIEwvzPRUGArl-eRDmcBnucbDAJu6Te6a5IlepgBHHRyu2FHnNbDG2XgwTjHbbL9nvKiU7Ypj0H5S_tfy2EQ2zysT-Zb2DIZjyEN8bhfBoGQD-a2FN0AT86bIitnhP0OTOZon9bbPUW3iaRwhDA37bOF9JryCTZIwVjeftWUQlDEJLwuISoJUVofkEzJFbJHbtp6JbuWsgz124K7BSu1bkq1yHjCdsFPTpv4Z8K585Q5SAVGK_KMq899M5MdBIibyJq9TPDVl65Dd_eKQ0Du77QNr6nSQM4N-YRE7rLa5G5KItJyy2fK8_ypBkKxEh2UaqUurTttfxssQ0Kcxsn2tdOGeNwkZnvWLS6OEEVQcb7fux-0c&sai=AMfl-YR5GHlEydAQaWqgl3itXL0-t-uQM1dlFpv-SNq4Ydw4wHmgCVv7b3DEMU7WETkLoCWJ8Epq_FXKEHenG4X5sNyhiEsqvn5-Pm6iMfMltYm2YXuT_4GoJw_FdKcy2lB2FyJJ28ggsuy7MoIk7Kxo5kBKo6NgupkrEthrTCuBQZbPSao4HS_SqsgS-7TFxuxIUx8O_5gCuzBL5NWsIgtz6aqBKKSG0AQMCYZk4sHMJbe58aZ8VeU-btNGOUr88EACiB2K&sig=Cg0ArKJSzOPuJZHgu6QvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=241&vt=11&dtpt=150&dett=3&cstd=85&cisv=r20231106.52892&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AB0F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:01:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9856 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
1612d90c1d9c22035e01a7c4fb758a0b30fb477884e93e74c0e46bae56129a22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5775
x-xss-protection
0
preload.jpg
s0.2mdn.net/sadbundle/16724850497217672109/ Frame 9856 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16724850497217672109/preload.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 18:39:32 GMT
x-content-type-options
nosniff
age
76895
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2255
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 00:06:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 18:39:32 GMT
replay.png
s0.2mdn.net/sadbundle/16724850497217672109/ Frame 9856 		457 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16724850497217672109/replay.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 18:39:36 GMT
x-content-type-options
nosniff
age
76891
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
457
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 00:06:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 18:39:36 GMT
poster.jpg
s0.2mdn.net/sadbundle/16724850497217672109/ Frame 9856 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16724850497217672109/poster.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
04492f71fb6251dcf88c48f3a0de6beb943b7e79a1c666f370df75cf2b3d0733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 18:39:36 GMT
x-content-type-options
nosniff
age
76891
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23578
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 00:06:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 18:39:36 GMT
file.mp4
r2---sn-tt1elnel.c.2mdn.net/videoplayback/id/511940443780fcdb/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731081667/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 9856
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/511940443780fcdb/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731081667/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r2---sn-tt1elnel.c.2mdn.net/videoplayback/id/511940443780fcdb/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731081667/sparams/acao,ctier,expire,id,ip,ipbits,itag...
228 KB
228 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-tt1elnel.c.2mdn.net/videoplayback/id/511940443780fcdb/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731081667/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DED4EAC59C2581C0A20971FD471EAC405CF7406.848B1D4038D88425034EAD0A4C8A7BE9A158368F/key/cms1/cms_redirect/yes/mh/Dw/mip/62.3.36.80/mm/42/mn/sn-tt1elnel/ms/onc/mt/1699545412/mv/m/mvi/2/pl/24/file/file.mp4
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
74.125.0.7 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s12-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
9735fbe1f6c8e1f808e3f2a1b503043c39768121192d243c989daa43442adb77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Nov 2023 00:06:34 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-233198/233199
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
233199
Expires
Thu, 09 Nov 2023 16:01:09 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:09 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-tt1elnel.c.2mdn.net/videoplayback/id/511940443780fcdb/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731081667/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DED4EAC59C2581C0A20971FD471EAC405CF7406.848B1D4038D88425034EAD0A4C8A7BE9A158368F/key/cms1/cms_redirect/yes/mh/Dw/mip/62.3.36.80/mm/42/mn/sn-tt1elnel/ms/onc/mt/1699545412/mv/m/mvi/2/pl/24/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
639
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9856 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:01:08 GMT
truncated
/ Frame 9856 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
prod_studio_01_250_videomodule.js
s0.2mdn.net/879366/ Frame 9856 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4955
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:36:44 GMT
replay.png
s0.2mdn.net/sadbundle/16724850497217672109/ Frame 9856 		457 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16724850497217672109/replay.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16724850497217672109/index.html?e=69&leftOffset=0&topOffset=0&c=VAHfl3zkal&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 18:39:36 GMT
x-content-type-options
nosniff
age
76892
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
457
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 00:06:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 18:39:36 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame E582 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:37:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
37412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:37:36 GMT
main.76f77207.js
s.pinimg.com/ct/lib/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.76f77207.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3b8878ff81bcceef1cd9a6d28040b9bcb020a2fcb572320897b8affe4f15f88

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"f0fc5876c4e0ea58dfa5cf2950e72df3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18881
gen_204
pagead2.googlesyndication.com/pagead/ Frame F81D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5qg8QwJNZaSAGfm1oPMPtcqg2AEAAAAAOAHgBAI&bg=!5-Sl5KvNAAb4oU7C2KE7ADQBe5WfOI9rpFr-1OD-PBLGjPFGyBhm7OGghCcfZ2wTTwWZAS45rNi5mP1vCFuYDZRo6LsRAgAAAixSAAAACWgBB5kC9l28kxoIoJPLk6ZsW0gqjG20WRXcOVENYSz1snKgso-32ej8Znlyq0vYGRkFQC7kwmEoAxkfQpf18vQgItAIo1EH4H8kBGmBiVLHbDXHahmsbEraGPhyP-Q4gS22-BCN5aVFWnd3wJcEnFiKZs1aZ6-bN4xqpMA2lmMPrq3bn874JoNqbNU6puc4MjcgqFrET2kutSy5vu505A_TURBUZIdhfBfIiHzIit-Kywegr3w0h_K4okspyiG12pr5kvy3HyFWdmKuVLLv6RWdIgYOm4-yQJovPh2OxyjXgS9dyPjXs8fR8dRQQwqljQ7IC266BdfIJ9OrACBXTp5grOHApR-dmj1bPY6lj2SdNewEgjYmnM0o2luqijkXwa1sIlG-3AEt-cNgorxgds74RoD8X03nWwe3b5XQm4Qg0glq8DGhJiJoDTD7mtZt46JGiPg8oOpMHVo026UV3gJFqY66rDhUgARit3LWclfBHuvTI6N08LKuO2FoBftUSDWDsz3ELpJRLV8FSrYjAFOSBatFHR9lmbJQmRCc58tB05oqFETQiliZALjb9ujHvp_mG-EBQNe64_xXDgTIkg0Nd5SlNYqPJer_7_0K4bC2QK5DPmoWftC1Xz6FCjuVMRlFaSY9zvDP5oaYfyr6JI4dGn1-A5d-ByPwQCWIob6S-3YPXGdrFVFYQ2vGJVG1ikcBjbkD34yP10vvfLbsUjM9RwOw0Kif0yrNgZSM18sZv7M9HXrtIEA7HHlj_uWqHYO9uIRQbczw9HPyvSYw2NL89xCsxYkTwk6YCQ37asLIivwlcWgiUl4v9IoDkzYeW4xQqEDXH-lJRQwVs6OkJD6dVDIOzC7S4I_wp9AXXoiEyTIHYxPorgYqUQP2igdHgVPMMRCvmruMtlgVlexrNF5YHlNLP8uL6fD7Fj-ECdQ5BqfXxuPltuq1Uzza2vMEytJeaUzNLXWoess4eLUCSDUDP3r0MHZ3wqd-Grvnq52unZ4xh-vdWLDGh1Rq
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 03E4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BbK8gQgJNZdWeIe7tvPIP95KIcAAAAAA4AeAEAg&bg=!cnGlcT7NAAb4oU7C2KE7ADQBe5WfONsXDPLpWKc30qbJCMgyhGn76ctPa48qCya7A6r9NlyPBfH0ZLpVgQIQAz9UD__GAgAAAiFSAAAAB2gBB5kDCK34KojrY5crWTRX0jZrbV8CMn35xTT_ICS55IITgDUxAHUOIgfxcgFoFQWjX0wuYrPGUAft0Zjucr7uaJt9tzkvI_NHaY-CTqY4xOUzmfh436Yhe276X7CMB1UORgaK2dWWlZbravDHtunpnZ2gEja123MZe_yAkWtMOET_4SYM5dYQiEgdcBou7_4e9ztwpi7lC3PnA5TRJUFn88vU564JW0UHkJJcAqz-a6oOQP7J02kTxPlyMLLTugkRq8ybQ4rq78ZGsS6XVH6A7KSZGCuqOwaQuGsMTFrSw0aGdEcct-GuOhOv5IBVlFSoFWuZVZQsLon6j9MIWe1bHv-ySA9vGNq8Dduwo_CkI6gZ7SqeXoGgVP7uWMFMyFWgFVgCdFFb2v5O0JnIN87yWFWM7QEwFBR-QmrhEMhBqeqhnqPcIY8ZuFfgf4BSZj28E_8n2jRHVRpq6nKCyUkapA3MN6tSX-Gn1jGQ7freQZAWwM2NGf8fLNQ7nlV69mbPIOnGieadKA4DHzlm9k_cNQQiuq2y6bGhKvuDJ9U5hTJNKOAZgmXaXu6qJKiKJ8MVuDaogVqdMjEW_90xP8XNvLla6dUOSMatd4ZePZycKOFGOWnVVPiCiyLAP9GoPGDQ43E5P1rFKIPFqQ7BXYrGpQXhq6FAFrewJrxG8VY00Eczv1GlUOAW6VK1zntL0mi88hQ7mSkEDZqc42XDLxSxMsfLOwUhc-HBcdR5qPE_zSly-Watke9hQFhPPfIl56lWsmt2LtU8EbeRIz4u1Uq2_K1eXkYqHFzRregPeEVtgGqTnjfhlHoXiCMdQqg2_ITcP9gBVPQBRgqaCYhwhbTC__Kmw_KeSII2jxnv8xV3ILvDyyywKbcaVfzMZ8UgeB66EEmnYjtBj0Aoz3iuanbRxr7O2Ivpmwy5iJnE4LNbuKEaOdxjrORSjY04eYAWRAwztd28teXbdRGpB9lReDYGeY9smguY-N-0CxQvhRFj74-mnom2H5X6ExTHbYDnYw7QZYwjDq2QpNx5B7d4
Requested by
Host: 15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
URL: https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame C66C 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:37:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
37412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:37:36 GMT
/
ct.pinterest.com/user/ 		304 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612846434758&cb=1699545668449&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.76f77207.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.117.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-117-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.9969dc17.1699545668.17685183
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=600
content-length
174
x-pinterest-rid
3320932877674668
pin-unauth
dWlkPVpURmxZalEwTlRrdFlqTTNOaTAwWmpNM0xUbGhaamN0Tm1OaE1UVXpOVGsyT1RZMA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
d6951f45f66563771add4a1e3ca61db071303140
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2276f77207%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1699545668451
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.117.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-117-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.9969dc17.1699545668.17685184
content-type
image/gif
access-control-allow-origin
*
pinterest-version
d6951f45f66563771add4a1e3ca61db071303140
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1746534346812620
expires
Sat, 01 Jan 2000 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C43C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9hvlARLdu-yyi-wSLkGFdh98TbaEZxqkSppGCEC4vz_2tlnlWAdxUhZjmDCOhGWyAfDrAX_aQMx46pgtiNaR4pgDu59ZMvv5wcZPsCw2_uiDMcezInBijpA2s0Aej6EuYjt9NQG0zmQ&sig=Cg0ArKJSzIjvkPnnm9BSEAE&id=lidar2&mcvt=1001&p=145,799,146,801&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3334131667&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699545667068&rpt=423&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 136E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2rnwDU_cWYWN_4TZ0MwtsZa46svojanWjeld9SSYDUzJNhgI4n6LJN4QgKnoYCO1i8orZEZ69P69G0qNFJWsQ3GBhfcj7u3xQa5PP1qBNNxctHECuqwzesbSgFBq5A0np6D0yEtVeew&sai=AMfl-YQbpU18KpmnjjTMfWbKaMaOOCS8tC20txRPcKzMyG4SdduRH5ikgHvaFiN-8ZeNwl4WqJ8vOxzD4GEWUrHbR02ZrDKGXM638oovpY8N4_zfXRaxI5qOscG2G6Y&sig=Cg0ArKJSzBROivwWblICEAE&cid=CAQSOwDICaaNF6LUOmTfrsyMdL5SbWjy_LhD0h8nonOi-rRUZUnP0CSFp2d8RGge7H3Nv_XZMggxdFaq7a9wGAE&id=lidar2&mcvt=1000&p=21,436,111,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4245816087&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699545667045&rpt=530&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 136E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9381953852812&version=m202309260101&ct=119&x=1&cor=12964468369009750000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/5581059628650725376/ Frame AB0F 		2 KB
654 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5581059628650725376/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
cc7e1c6831c401711fca60deaac8ca16e9e2c88857eec927f2282894bb952839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 03:14:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132415
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
625
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 20:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 03:14:13 GMT
controller.js
s0.2mdn.net/sadbundle/5581059628650725376/ Frame AB0F 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5581059628650725376/controller.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
37f23c44262cc250e7c455aaeb0e50b0ad81a5d6c48f935daee2e3d6fce7f136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 02:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1444
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 20:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 02:42:10 GMT
feed.js
s0.2mdn.net/sadbundle/5581059628650725376/ Frame AB0F 		133 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5581059628650725376/feed.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
7492f0bf86f7bceee459f108b48b10d6047f081db9b1fbc2d7896159c1f7c622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 02:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7409
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 20:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 02:42:10 GMT
60005477_20231002123456947_background_1.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame AB0F 		353 KB
353 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20231002123456947_background_1.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
3c746fb9e00d902dff2611587b97158ec62bf8122e91eefb718f06c64eaf3c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:27:59 GMT
x-content-type-options
nosniff
age
5589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
361129
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 19:34:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:27:59 GMT
blank.png
s0.2mdn.net/ads/richmedia/studio/pv2/64676957/dirty/ Frame AB0F 		176 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/64676957/dirty/blank.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
8a8fadfdebcc65982f3ec100c3ef0c3e23f0ebe1c2475b075875afd9f44e352e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:36:38 GMT
x-content-type-options
nosniff
age
5070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
x-xss-protection
0
last-modified
Wed, 28 Feb 2018 18:15:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:36:38 GMT
60005477_20231002123459584_background_2.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame AB0F 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20231002123459584_background_2.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
d4da984ab14861fd17c8ce218f016dee47960a7cbdd91981a8ea0987f57be5ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:10:16 GMT
x-content-type-options
nosniff
age
6652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125163
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 19:34:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:10:16 GMT
60005477_20231002123502773_background_3.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame AB0F 		304 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20231002123502773_background_3.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
556d7f40adb462fc4a6a8373696a4e53a63c0d6df011afef3c92ec2599e9bb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:10:16 GMT
x-content-type-options
nosniff
age
6652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311715
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 19:35:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:10:16 GMT
60005477_20231002123505439_background_4.jpg
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame AB0F 		314 KB
314 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20231002123505439_background_4.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
c9210e1a42a369783a55ae0d49757d7de213e652f1063943754479429f71a364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:37:53 GMT
x-content-type-options
nosniff
age
4995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
321358
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 19:35:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:37:53 GMT
60005477_20231002123454332_overlay_4.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame AB0F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20231002123454332_overlay_4.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
e82d0fc54760c4309077150fcc0bd50950ed8efe85f1b62384b48ae55a0d2c35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:10:16 GMT
x-content-type-options
nosniff
age
6652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17303
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 19:34:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:10:16 GMT
60005477_20231002123508224_eventlogo_4.png
s0.2mdn.net/ads/richmedia/studio/60005477/ Frame AB0F 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005477/60005477_20231002123508224_eventlogo_4.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
69c3e628ea4efaec17c3296b180c8efd1b6ea6f457f5f39e6013da8c4595d0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 14:25:43 GMT
x-content-type-options
nosniff
age
5725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74105
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 19:35:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 14:25:43 GMT
HyundaiSansText-Regular.woff2
s0.2mdn.net/sadbundle/5581059628650725376/ Frame AB0F 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5581059628650725376/HyundaiSansText-Regular.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
313963d64c00b096563a43f9856ae5fcb8aeba67d3a808d23171e8455198ebc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 02:42:10 GMT
x-content-type-options
nosniff
age
134338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55536
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 20:51:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 02:42:10 GMT
HyundaiSansHead-Medium.woff2
s0.2mdn.net/sadbundle/5581059628650725376/ Frame AB0F 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5581059628650725376/HyundaiSansHead-Medium.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
a350ff915bd9f6a23c74a2aff9a835c5074f8dac8810174ec05bbb984a2feb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 03:14:18 GMT
x-content-type-options
nosniff
age
132410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54212
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 20:51:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 03:14:18 GMT
HyundaiSansHead-Regular.woff2
s0.2mdn.net/sadbundle/5581059628650725376/ Frame AB0F 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5581059628650725376/HyundaiSansHead-Regular.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
491db333910d8dea0ead4180be995a2df610c3d02bcd11817f9bfd24bcc38dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5581059628650725376/index.html?e=69&leftOffset=0&topOffset=0&c=ajVRLGZCWM&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 03:14:18 GMT
x-content-type-options
nosniff
age
132410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52440
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 20:51:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 03:14:18 GMT
eligible_by_element
mia-placement-server.rubiconproject.com/tracking/62019/395/ Frame C43C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/tracking/62019/395/eligible_by_element
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.202.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-202-190.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:09 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
events
api.permutive.com/v2.0/batch/ 		201 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b05016baa9261cc2c9cd5fe41770498f5d119684e2d1895da76d9d0b6a2e80e7

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
dc_oe=ChMI5K2k_qS3ggMV-RpoCB01JQgbEAAYACChl6thQhMI1Mfv_aS3ggMV7jZPCB13CQIO;met=1;&timestamp=1699545669522;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 136E 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5K2k_qS3ggMV-RpoCB01JQgbEAAYACChl6thQhMI1Mfv_aS3ggMV7jZPCB13CQIO;met=1;&timestamp=1699545669522;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
excluded_by_insertion
mia-placement-server.rubiconproject.com/tracking/62019/395/ Frame C43C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/tracking/62019/395/excluded_by_insertion
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.202.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-202-190.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:10 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
standard.js
s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/passbacks/ Frame 6931 		390 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/passbacks/standard.js
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.250.32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
a48b0246d267174fe105974626461384259025996252802c7b04bbda691440e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:11 GMT
Last-Modified
Tue, 31 Oct 2023 14:48:38 GMT
Server
AmazonS3
x-amz-request-id
PXNXVZD99HCHCY95
ETag
"c4b010fafed97910b85a6a11c85ba934"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
390
x-amz-id-2
nG+kcnjnEQwHmd125ZAv8rXBzoPnraEXAqfz4JWlF6TnsZV67SgROkWPOXRYh/MMD4IBzEHEl0I=
freeskreen.min.js
static.freeskreen.com/ba/22/ Frame C43C 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/ba/22/freeskreen.min.js
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/passbacks/standard.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-21.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bb05bc0a6f02c90de52b1a2600ee3524a379b0a1bc01b14079b2c19371c1af1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
Qb5vjlXI9EC2gLvpj6f5a4y5gFJRZ1o3
Content-Encoding
gzip
Via
1.1 6ff4697c5089876d94430beacc9a4d5e.cloudfront.net (CloudFront)
Date
Thu, 09 Nov 2023 10:03:43 GMT
Last-Modified
Wed, 29 Sep 2021 21:16:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD66-C1
Age
21449
ETag
"4d0871684e9b79b9dcde7ccd604b0c1e"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9641
X-Amz-Cf-Id
bJUdhT_XguDit9FUtIgvyPade8IspWiD-5IAzSq_6G8IFFrV0rfHBg==
passback_called
mia-placement-server.rubiconproject.com/tracking/62019/395/ Frame C43C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/tracking/62019/395/passback_called
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.202.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-202-190.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:10 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
script.js
sb.freeskreen.com/publisher/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.freeskreen.com/publisher/script.js?bai=22&ut=&uts=&p_cust_params=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.thestar.com%2F&usp=&gdpr=-1&cs=-1
Requested by
Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/22/freeskreen.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.250.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-250-117.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b267136601da10ffc06958cb25d4d4cd7e8f01ce21c01172de9022ee59e68a09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:11 GMT
content-encoding
gzip
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
21676
expires
Thu, 01 Jan 1970 00:00:00 GMT
p.gif
sb.freeskreen.com/ 		0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/p.gif?fsk-px=VG9yb250b1N0YXI
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.250.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-250-117.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
pragma
no-cache
date
Thu, 09 Nov 2023 16:01:11 GMT
cache-control
no-cache, no-store
server
Apache/2.4.29 (Ubuntu)
expires
-1
ac
ww1772.smartadserver.com/ 		212 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=113132605&out=js
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=22&ut=&uts=&p_cust_params=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.thestar.com%2F&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:10 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
application/javascript; charset=UTF-8
x-smrt-i
7974420
cache-control
no-cache,no-store
usync.html
eus.rubiconproject.com/ Frame B38C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=22&ut=&uts=&p_cust_params=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.thestar.com%2F&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.146.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-146-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 16:01:13 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 09 Nov 2023 16:01:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
server
AkamaiGHost
um
sb.freeskreen.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
  • https://sb.freeskreen.com/um?sa=4931313997601554858
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?sa=4931313997601554858
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
52.6.250.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-250-117.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:14 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?sa=4931313997601554858
date
Thu, 09 Nov 2023 16:01:13 GMT
content-length
0
um
sb.freeskreen.com/
Redirect Chain
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://sb.freeskreen.com/um?tlr=7d924210a71944209ca74cb5888df183
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?tlr=7d924210a71944209ca74cb5888df183
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
52.6.250.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-250-117.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:11 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?tlr=7d924210a71944209ca74cb5888df183
date
Thu, 09 Nov 2023 16:01:11 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
smaato
cs.admanmedia.com/sync/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
um
sb.freeskreen.com/
Redirect Chain
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0
  • https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1
  • https://sb.freeskreen.com/um?ni=938d24a76287bd1f94858a72632d41ab
43 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?ni=938d24a76287bd1f94858a72632d41ab
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
52.6.250.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-250-117.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:12 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

date
Thu, 09 Nov 2023 16:01:12 GMT
server
nginx
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sb.freeskreen.com/um?ni=938d24a76287bd1f94858a72632d41ab
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame B38C 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.146.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-146-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
63361eae08552196b908a442e90b9844cff15fe33e7b7c942a20469d1b1e9aa2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 08:04:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57790
Connection
keep-alive
Content-Length
13280
Expires
Fri, 10 Nov 2023 08:04:23 GMT
khaos.json
token.rubiconproject.com/ Frame B38C 		7 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
um
sb.freeskreen.com/ Frame B38C
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LORDM2OO-M-J4Q
  • https://sb.freeskreen.com/um?mg=LORDM2OO-M-J4Q
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?mg=LORDM2OO-M-J4Q
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
52.6.250.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-250-117.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:17 GMT
server
Apache/2.4.29 (Ubuntu)
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type
image/gif
cache-control
no-cache, no-store
content-length
43
expires
-1

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sb.freeskreen.com/um?mg=LORDM2OO-M-J4Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aba11f721e895214779358f14e5b2a27
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B38C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ff32ddd3-56d7-465f-8ca1-922801504d6f&gdpr=0&gdpr_consent=&expires=30
42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ff32ddd3-56d7-465f-8ca1-922801504d6f&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ff32ddd3-56d7-465f-8ca1-922801504d6f&gdpr=0&gdpr_consent=&expires=30
date
Thu, 09 Nov 2023 16:01:14 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame B38C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzFmZDQwMDA2Y2E1Mzk3YjEyZTEwOTZhODYwMGJiMzMyODllMzQ4Nw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzFmZDQwMDA2Y2E1Mzk3YjEyZTEwOTZhODYwMGJiMzMyODllMzQ4Nw
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzFmZDQwMDA2Y2E1Mzk3YjEyZTEwOTZhODYwMGJiMzMyODllMzQ4Nw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B38C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SDM5Wd14Qt2Zu8yXKGu3ug&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SDM5Wd14Qt2Zu8yXKGu3ug
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SDM5Wd14Qt2Zu8yXKGu3ug
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:01:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1J8B9QDV7AQR9WMA4YC6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SDM5Wd14Qt2Zu8yXKGu3ug
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B38C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9SRE0yT08tTS1KNFE=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA_c-eawUnA9JLdzAS52gFQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRE0yT08tTS1KNFE=&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRE0yT08tTS1KNFE=&google_push=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9SRE0yT08tTS1KNFE=&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B38C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NAOlwxRKTeuERGajs4wQdQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NAOlwxRKTeuERGajs4wQdQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NAOlwxRKTeuERGajs4wQdQ
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:01:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6AXJCYVH8SST6J95ZAWY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NAOlwxRKTeuERGajs4wQdQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B38C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM8cbMKo5nJtn_3YSb52G1M&google_cver=1
42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM8cbMKo5nJtn_3YSb52G1M&google_cver=1
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM8cbMKo5nJtn_3YSb52G1M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B38C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/PCfxmKXfJR6BTg12BWrOZw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-K6GIW3JE2oL3Fbg64pYf0GXvKhXpJ8HrC4yuMw--~A
42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-K6GIW3JE2oL3Fbg64pYf0GXvKhXpJ8HrC4yuMw--~A
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 09 Nov 2023 16:01:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-K6GIW3JE2oL3Fbg64pYf0GXvKhXpJ8HrC4yuMw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame B38C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LORDM2OO-M-J4Q
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LORDM2OO-M-J4Q
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:13 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E4957FE91AAF4936811CABFEED6CCF41 Ref B: YTO01EDGE0511 Ref C: 2023-11-09T16:01:14Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJulAuY8wzJkryYUlBEQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LORDM2OO-M-J4Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B38C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFFR07KmgUAABM19mn2rw&expires=30
42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFFR07KmgUAABM19mn2rw&expires=30
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFFR07KmgUAABM19mn2rw&expires=30
Date
Thu, 09 Nov 2023 16:01:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame B38C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LORDM2OO-M-J4Q
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LORDM2OO-M-J4Q
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:16 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LORDM2OO-M-J4Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame B38C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LORDM2OO-M-J4Q
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LORDM2OO-M-J4Q
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LORDM2OO-M-J4Q
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 09 Nov 2023 16:01:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LORDM2OO-M-J4Q
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame B38C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LORDM2OO-M-J4Q
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORDM2OO-M-J4Q
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORDM2OO-M-J4Q&ckls=true&ci=vL4bYB9fAR&nc=false&trid=-1995885247
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORDM2OO-M-J4Q&ckls=true&ci=vL4bYB9fAR&nc=false&trid=-1995885247
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
52.85.132.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-46.iad50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:14 GMT
via
1.1 df08ba5d249ec7fb2513313ea66b59f8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
1LEMFVuQIKsrM8bk8IgG5MfVyjA-uqN2D77KARGQd1xJys_FbsHJ7A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:14 GMT
via
1.1 df08ba5d249ec7fb2513313ea66b59f8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LORDM2OO-M-J4Q&ckls=true&ci=vL4bYB9fAR&nc=false&trid=-1995885247
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
XBlDtAgAos6PcAFFU4UDrgIax15DZ_rlS5sgHvYvif3rO-LMrQFz4g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame B38C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LORDM2OO-M-J4Q
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LORDM2OO-M-J4Q
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
18.208.90.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-90-251.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LORDM2OO-M-J4Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
setuid
ib.adnxs.com/prebid/ Frame B38C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LORDM2OO-M-J4Q
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LORDM2OO-M-J4Q
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:14 GMT
an-x-request-uuid
255eb82f-21ff-4c93-af3b-e1936c289aa3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
62.3.36.80; 62.3.36.80; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LORDM2OO-M-J4Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B38C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5545f322-0164-43ee-b0db-2be96d5d2763&expires=30
42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5545f322-0164-43ee-b0db-2be96d5d2763&expires=30
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5545f322-0164-43ee-b0db-2be96d5d2763&expires=30
Date
Thu, 09 Nov 2023 16:01:14 GMT
Connection
keep-alive
X-CI-RTID
2e6f037c-cbbf-4a25-aed2-6280f62f44aa
Content-Length
144
Content-Type
text/html; charset=utf-8
cksync
hb.yahoo.net/ Frame B38C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LORDM2OO-M-J4Q&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LORDM2OO-M-J4Q&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DUVJCaS54RTJ1RzJ1RlFiM3lCVFFSOWNwOG1qYndfQ35B&ovsid=LORDM2OO-M-J4Q&dpid=58160
53 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DUVJCaS54RTJ1RzJ1RlFiM3lCVFFSOWNwOG1qYndfQ35B&ovsid=LORDM2OO-M-J4Q&dpid=58160
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
23.218.218.176 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-218-218-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 09 Nov 2023 16:01:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 09 Nov 2023 16:01:14 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DUVJCaS54RTJ1RzJ1RlFiM3lCVFFSOWNwOG1qYndfQ35B&ovsid=LORDM2OO-M-J4Q&dpid=58160
date
Thu, 09 Nov 2023 16:01:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
__activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/7noslr035pfb0mvo/b1ae1144-a3ed-42e9-8a73-9e8df87137f7/__activity.gif?e=stuck_10s&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=11152&blst=927&ist=1149&iet=1153&bdst=928&bdet=1053&bcttt=29&jsfv=nbc&ts=1699545674380&jsk=7noslr035pfb0mvo&jsv=20230912&cu=https%3A%2F%2Fwww.thestar.com%2F&uid=b1ae1144-a3ed-42e9-8a73-9e8df87137f7&sid=f020d4a7-6c89-4272-ff4a-1a5357e2c5c8&pvid=c34e5aef-3ac5-48e0-b44b-3715796a9ca5&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F119.0.6045.123+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=480&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Nov 2023 16:01:14 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1699545674482&plid=8033988&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22%22%2C%22janrain_uuid%22%3A%22%22%2C%22site_level_uuid%22%3A%22%22%2C%22hub_level_uuid%22%3A%22%22%2C%22adobe_mcid%22%3A%2223253054339528186421510781647711301545%22%2C%22word_count%22%3A%22%22%2C%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11729%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F&sref=&sts=1699545665518&slts=0&title=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&date=Thu+Nov+09+2023+08%3A01%3A14+GMT-0800+(Pacific+Standard+Time)&action=_scroll&pvid=20364805&u=pid%3Da85c6559b7a0b80feb8a53954fc812ec
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:14 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 09-Nov-2023 16:01:14 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 09 Nov 2023 16:01:14 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
dc_oe=ChMI5K2k_qS3ggMV-RpoCB01JQgbEAAYACChl6thQhMI1Mfv_aS3ggMV7jZPCB13CQIO;met=1;&timestamp=1699545676582;eid1=2;ecn1=0;etm1=7;eid2=12;ecn2=0;etm2=7;eid4=14;ecn4=1;etm4=0;eid6=16;ecn6=1;etm6=0;eid8...
ade.googlesyndication.com/ddm/activity/ Frame 136E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5K2k_qS3ggMV-RpoCB01JQgbEAAYACChl6thQhMI1Mfv_aS3ggMV7jZPCB13CQIO;met=1;&timestamp=1699545676582;eid1=2;ecn1=0;etm1=7;eid2=12;ecn2=0;etm2=7;eid4=14;ecn4=1;etm4=0;eid6=16;ecn6=1;etm6=0;eid8=960584;ecn8=1;etm8=0;eid10=18;ecn10=1;etm10=0;eid12=960585;ecn12=1;etm12=0;eid14=13;ecn14=1;etm14=0;
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI1cfv_aS3ggMV7jZPCB13CQIOEAEYACCa3KRh;met=1;&timestamp=1699545677689;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0F2D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1cfv_aS3ggMV7jZPCB13CQIOEAEYACCa3KRh;met=1;&timestamp=1699545677689;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5K2k_qS3ggMV-RpoCB01JQgbEAAYACChl6thQhMI1Mfv_aS3ggMV7jZPCB13CQIO;met=1;&timestamp=1699545677845;eid1=2;ecn1=0;etm1=2;
ade.googlesyndication.com/ddm/activity/ Frame 136E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5K2k_qS3ggMV-RpoCB01JQgbEAAYACChl6thQhMI1Mfv_aS3ggMV7jZPCB13CQIO;met=1;&timestamp=1699545677845;eid1=2;ecn1=0;etm1=2;
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1699545679941&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=2c146d2e-82f7-4c71-bd15-9e2f96e8a17f&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:19 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
increment
id5-sync.com/api/esp/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thestar.com
date
Thu, 09 Nov 2023 16:01:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
adsct
t.co/1/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4a16de9c-53db-42f7-99a9-f83b9dbaa9bd&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=23cf617b-8c06-48ee-9d2d-6b46167869f6&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time
6
date
Thu, 09 Nov 2023 16:01:19 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
ca3f1ae5af229794
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e866cf66dca3d3bdc93fb2077caa891b4e986036358a499aa649d20487ca6050
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4a16de9c-53db-42f7-99a9-f83b9dbaa9bd&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=23cf617b-8c06-48ee-9d2d-6b46167869f6&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time
71
date
Thu, 09 Nov 2023 16:01:19 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
4820f48d8235a970
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
f5d83807dddd78b12015689809a7ff3378bfa6766cc9ac584453ee86ba83d350
content-length
43
549886031832745
connect.facebook.net/signals/config/ 		372 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/549886031832745?v=2.9.138&r=stable&domain=www.thestar.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
22167055c96bcbbf5f60bc5f90b48e8f27f6f3011f1685328d56f1a43458b1eb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 Nov 2023 16:01:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Ahl0J8jzWJzjPNW7PZ0fIHCcl+kwPe3FuRJ857DO+OzwmJaJjJMrQ2AH2ESslA8pN09/72d0DhsXTjNE1PqE/g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 467C 		297 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b3e7087e228be3a58b28db80acc7ba4d178749326af5386b4b754f1160b6b44a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
297
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 09 Nov 2023 16:01:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZCH2NB69XDHXE4X1Z4SQ
pr
s.amazon-adsystem.com/v3/ Frame B2C4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5a4ea9b8dd197b142ad159a4bbcc69c726ba89aee1b58118dd21f986979ee7d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1219
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 09 Nov 2023 16:01:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5KRSXZ16XR8HJGQ61KDA
/
match.sharethrough.com/jwumXNuB/v1/ Frame BC39 		575 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.90.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-90-251.compute-1.amazonaws.com
Software
/
Resource Hash
fa78e1259ba46c298dbd5ffc6d0507982f4af2987667b967219e874f7e0cd8e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
575
date
Thu, 09 Nov 2023 16:01:20 GMT
cm
u.openx.net/w/1.0/ Frame 58AA 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 09 Nov 2023 16:01:20 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 8370 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.146.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-146-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 16:01:20 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame DE51
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8507598715724842454&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=8507598715724842454&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 09 Nov 2023 16:01:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
TVXACWF7Q3KTA6NMERXP

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
e69b4871-6285-4f51-b782-1c05d63e99b7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:01:20 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=8507598715724842454&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
62.3.36.80; 62.3.36.80; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf
pixel.thestar.com/events/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events/78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.138&r=stable&domain=www.thestar.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.209.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-209-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Thu, 09 Nov 2023 16:01:20 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F&rl=&if=false&ts=1699545680296&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699545680293.508334996&eid=ob3_plugin-set_4bc113890e8adef98eff7a2b2eb0e3c399390c1520f8ec4cfd401a6e900d711c&cs_est=true&ler=empty&it=1699545680061&coo=false&rqm=GET
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 09 Nov 2023 16:01:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
usync.js
eus.rubiconproject.com/ Frame 8370 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.146.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-146-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
63361eae08552196b908a442e90b9844cff15fe33e7b7c942a20469d1b1e9aa2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 08:04:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57783
Connection
keep-alive
Content-Length
13280
Expires
Fri, 10 Nov 2023 08:04:23 GMT
ecm3
s.amazon-adsystem.com/ Frame BC39 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=819da1a7-57f0-4f4f-8965-ea3aba357dc9
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:01:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NJK4D8PFGZNVN3M4RSP8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame BC39
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ff32ddd3-56d7-465f-8ca1-922801504d6f&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ff32ddd3-56d7-465f-8ca1-922801504d6f&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.208.90.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-90-251.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ff32ddd3-56d7-465f-8ca1-922801504d6f&gdpr=0&gdpr_consent=
date
Thu, 09 Nov 2023 16:01:20 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame BC39
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ODE5ZGExYTctNTdmMC00ZjRmLTg5NjUtZWEzYWJhMzU3ZGM5
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.208.90.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-90-251.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame BC39
Redirect Chain
  • https://sync.1rx.io/usersync2/sharethrough
  • https://sync.1rx.io/usersync2/sharethrough?zcc=1&cb=1699545680444
  • https://ad.turn.com/r/cs?pid=45&rndcb=3762191252
  • https://sync.1rx.io/usersync/turn/8329712340727933454?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_...
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.208.90.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-90-251.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 09 Nov 2023 16:01:20 GMT
Server
Tengine
ETag
RXff47eeb8c4854c41a579a06c6c58d590005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005
Content-Type
text/html
Connection
keep-alive
sync
ssbsync.smartadserver.com/api/ Frame BC39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.69 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
khaos.json
token.rubiconproject.com/ Frame 8370 		7 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LORDM2OO-M-J4Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 8370
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LORDM2OO-M-J4Q
  • https://s.amazon-adsystem.com/ecm3?id=LORDM2OO-M-J4Q&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LORDM2OO-M-J4Q&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 16:01:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9ZYXR3CPDRD1RCZYA6VR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LORDM2OO-M-J4Q&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
590220bec8184c81b82a7f288fbe0c2fb6045204a6e42535ec878dfb4069c13c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12026
x-xss-protection
0
ct.html
ct.pinterest.com/ Frame 29F0 		565 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.76f77207.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.117.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-117-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

akamai-grn
0.9969dc17.1699545680.1768c07e
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 16:01:20 GMT
pinterest-version
d6951f45f66563771add4a1e3ca61db071303140
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
1073200216627705
js
www.googletagmanager.com/gtag/ 		255 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
48d381985423e4f82fe58ff4005815c717a55077b9c9e78396906a9f0821ebaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88487
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 16:01:20 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d554dac06f638d5bbe834d451558aaf25506b16f3d3af5a1ee038768bb74c51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88734
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 16:01:20 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=668087409&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUABAAQCAGAAIAB~&jid=619947317&gjid=929824871&cid=794087290.1699545665&tid=UA-73335503-1&_gid=667537596.1699545665&_r=1&_slc=1&gtm=45He3b60n81WRSZQF8v9101115636&gcd=11l1l1l1l1&dma=0&z=874151260
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Nov 2023 15:12:56 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2904
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 09 Nov 2023 17:12:56 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=668087409&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUABAAQCAGAAIAB~&jid=965212760&gjid=974069033&cid=794087290.1699545665&tid=UA-70431129-1&_gid=667537596.1699545665&_r=1&_slc=1&gtm=45He3b60n81WRSZQF8v9101115636&cd1=home&cd2=core%20site&cd3=desktop&cd4=landscape&cd5=&cd6=&cd8=&cd9=web&cd10=home&cd11=thestar.com&cd12=&cd13=&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&gcd=11l1l1l1l1&dma=0&cd7=&z=1500310247
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 16:01:21 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73335503-1&cid=794087290.1699545665&jid=619947317&gjid=929824871&_gid=667537596.1699545665&_u=aCDAAUABAAQCAGAAIAB~&z=45647394
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 09 Nov 2023 16:01:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-70431129-1&cid=794087290.1699545665&jid=965212760&gjid=974069033&_gid=667537596.1699545665&_u=aCDAAUABAAQCAGAAIAB~&z=814411110
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 09 Nov 2023 16:01:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=45je3b60v887944298z89101115636&_p=1699545663574&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=794087290.1699545665&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699545681&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Logged_In_Status=&ep.Asset_Alias=&ep.Source=web&ep.Primary_Category=home&ep.Author=&ep.Published_Date=&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&ep.Owner=thestar.com&ep.Primary_Publication=&ep.Asset_Id=&up.Torstar_User_ID=&up.Entitlement_Status=&tfd=17813
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=794087290.1699545665&gtm=45je3b60v887944298z89101115636&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=794087290.1699545665&gtm=45je3b60v887944298z89101115636&aip=1&dma=0&gcd=11l1l1l1l1&z=813584107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=45je3b60v873043922z89101115636&_p=1699545663574&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=794087290.1699545665&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699545681&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Logged_In_Status=&ep.Asset_Alias=&ep.Source=web&ep.Primary_Category=home&ep.Author=&ep.Published_Date=&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&ep.Owner=thestar.com&ep.Primary_Publication=&ep.Asset_Id=&up.Torstar_User_ID=&up.Entitlement_Status=&tfd=17860
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=794087290.1699545665&gtm=45je3b60v873043922z89101115636&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=794087290.1699545665&gtm=45je3b60v873043922z89101115636&aip=1&dma=0&gcd=11l1l1l1l1&z=449727458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 16:01:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0FD4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
596397
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 18:21:24 GMT
expires
Fri, 01 Nov 2024 18:21:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 83BD 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f105.1e100.net
Software
GSE /
Resource Hash
307f8539eef91d45c1a976a796b695f552d1cb852735093d6f98df27ec2373d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F3i3VZcJEGFzMbpuivJ5JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-F3i3VZcJEGFzMbpuivJ5JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 16:01:21 GMT
expires
Thu, 09 Nov 2023 16:01:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 0FD4 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:37:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
37425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:37:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 83BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=971320467965704&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0FD4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MVTISA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:01:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=971320467965704&bg=!jo2ljcLNAAb4oU7C2KE7ADQBe5WfOOpytEYhC1ShkIL5Hkr8_fGqt3E6nPGHNC_yUxQkDP8WsmTmLqGYkUCOTwMQc0A1AgAAAEFSAAAABWgBB5kCqExrULovqbybAFNd73r7mBRXe2fSSq-pW_oPM90WjxTUxunJpL7iwPWyeLVhJyYo1Q9_z_74la3K7cwxQXlbUXSOsMl3r7NAR9DbyIhQ7sO7n9gGryvzh-cRBCkisELLqhI2Fz1yWZauw4nVebvp9a0XvianQwRmzMMzcpzxH7tBZ3ejkunaT8FYxRN2BtPFvxBv1W6W1g6zrxKJiPHWeVdaK8PWEHUU8ptJVxeOD0Ie-WTe9IGpIzNKPtG2SblO4_6sc4ZWLYMtAXhtRl3h_aswXMjz7er8YgIkllG2TtxfJChjOi49tucNPbuW8gMVPOLfcFCvxVN-A8V26z4TNF2hZNHHDEjBVOMrDD9E0GOZWJrg35tu1e3Mghm4xSBaxhMCAWOuqeLjUdb_rzv_SxANnsPxzlSlGWU07dsJ_5PZbM7iPrBQXGDg_HHCpRHa4iZnS5bKDxyujP7jiSEajK9Nb9EnddJacDnLvo8YLjW81CDFcQGxBRBBrpxOxu0d9mYN1XLLVRc1TejDTrz9lXTsAhRMREoVZjHoq45HjD9aatF18OcxMiQmEalckZ9fq3z92cR0ihx3xLsb1ip1Dt16j1lpWsyHJ_NbMoP0g_jChAeeZdxOFUlvXjxGOa3HLj6cI4sULIMcEFR7N6JUT565Dt4Q9XnoS3lmB6nrjEChfy-RtALAMmus4qb4EWjx9FBjEusWei3tFiUW-rdpK3s8-qGvD8APvu7R-HSXxOSlvvCosFbDI-H9sytMgO5HdH971DB0DwNTlpUClIuUYpfc2x4VjzynQs9b4fJdwHV2Ge9aZ_8MsPDeQ3CkCw-kIQKhMLhD1mwIO2HdF7Zhx-SijuK077gy2BHJKmsBAP1NC53vsRiPHaIucgb32KiodlF8LyP8s_fs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1699545684482&plid=8033988&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22%22%2C%22janrain_uuid%22%3A%22%22%2C%22site_level_uuid%22%3A%22%22%2C%22hub_level_uuid%22%3A%22%22%2C%22adobe_mcid%22%3A%2223253054339528186421510781647711301545%22%2C%22word_count%22%3A%22%22%2C%22_scrollIncrement%22%3A2%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11729%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F&sref=&sts=1699545665518&slts=0&title=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&date=Thu+Nov+09+2023+08%3A01%3A24+GMT-0800+(Pacific+Standard+Time)&action=_scroll&pvid=20364805&u=pid%3Da85c6559b7a0b80feb8a53954fc812ec
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:01:24 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 09-Nov-2023 16:01:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-64feXG7jem6itz90iSgNIGbHPDeQm10Vt7LGlwuPqA&google_push=AXcoOmTiHhBcEjeoaE_THQMMQKwu7SzT5jV_xzSO1eEDOTa--abN8JdxF1JSjQirlCFPQ3Ik_Co8hRlcrBSoBlClA16izV9N836Zcw

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| dataLayer object| TNCMS function| $ function| jQuery function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset number| browserWidth string| cutpoint function| loadGAM object| googletag object| gptAdSlots object| apstag object| liftigniter_config object| promo_design_config function| initStarLogo object| optable object| gs_channels function| receiveMessage object| offerData boolean| bDebug object| userStatus object| logSWGSubscriptionCheckoutStarted object| logSWGSubscriptionOrderCompleted object| userState object| SWG function| initDomLoadedHandler string| environment object| authorListJSON string| authorProfileName string| authorScreenName string| authorProfileTitle string| authorProfileId object| adobeTokens string| userEntitlementStatus object| permutive function| TNStats_Tracker object| TNTracker function| handleUserLogout2841699 function| handleUserLogin2841699 function| handleUserLogout2841705 function| handleUserLogin2841705 object| allowedServicesTier1 function| handleUserLogout2841702 function| handleUserLogin2841702 function| getAbsoluteHeight boolean| isMobile function| stick_in_parent function| initGenericLogin function| genericLoginHandler function| handleSaveAsset object| SUBSCRIPTIONS object| _aps boolean| apstagLOADED object| apscustom object| google_tag_manager object| google_tag_data object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| default_gsi object| _F_toggles object| google object| _satellite boolean| __satelliteLoaded object| extensionGoogleDataLayer object| adobe function| Visitor object| s_c_il number| s_c_in undefined| hubPage string| GoogleAnalyticsObject function| ga object| __bt_intrnl object| __bt object| __bt_tag_d object| __bt_tag_am object| ggeac object| google_js_reporting_queue object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome string| $igniter_var function| $p object| closure_lm_669335 boolean| __bt_already_invoked object| vfQ object| viafoura object| vf function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s string| keyLinkTrackVars object| gaplugins number| x object| analytics object| webpackChunkli_browser_client undefined| google_measure_js_timing object| webVitals function| fbq function| _fbq function| twq function| rdt string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| uetq function| pintrk string| janrainUUID string| loggedIn string| entitled string| siteLevelUserId string| hubLevelUserId number| scrollIncrement string| AMCID string| wordCount string| plan function| trackScroll object| PARSELY object| gaGlobal object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| regeneratorRuntime object| ox_esp object| _comscore object| GooglebQhCsO object| gaData object| process boolean| _already_called_lintrk object| COMSCORE object| ns_p function| _typeof function| UET function| UET_init function| UET_push object| ueto_f148fb6946 object| s_i_torontodnnlocal string| sUserId number| google_unique_id object| _MiaAds function| Sizzle function| fskLib function| FskGetSections function| FSK_parseDFPKV function| FSK_getExtraParameters boolean| FskHasLoaded object| _fskparameters function| FskAds function| _FskGetCmpId boolean| _FskHasGgl object| _fskadsparameters object| _fskadunits object| _fskgeo function| _fskAddListener object| _FskAds function| FskRequestAnimationFrame boolean| isAllowed object| sas string| scrollMethod object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| __uid2SecureSignalProvider object| __uid2 object| twttr object| GoogleGcLKhOms object| google_image_requests

122 Cookies

Domain/Path Name / Value
.pixel.thestar.com/events/78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf Name: cee
Value: pASwHVpmPRRbPinGDoAfbgHC2DGIvgJS2ozzEB426og%3D.%7B%22cee_id%22%3A%22cee.1699545680422.38588%22%7D
.thestar.com/ Name: permutive-id
Value: 94ab1e00-0ed2-4c9e-8671-02c84d1687ad
.thestar.com/ Name: _gcl_au
Value: 1.1.904992635.1699545664
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/ Name: pxid
Value: 3eb396d7-997f-40ef-bde1-ec2ce3d01971
.demdex.net/ Name: demdex
Value: 23261461132897361521511620196744541603
.thestar.com/ Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1
.thestar.com/ Name: _igt
Value: f020d4a7-6c89-4272-ff4a-1a5357e2c5c8
.thestar.com/ Name: _ig
Value: b1ae1144-a3ed-42e9-8a73-9e8df87137f7
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZU0CQAAAADmAUANw
.dpm.demdex.net/ Name: dpm
Value: 23261461132897361521511620196744541603
.thestar.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1699545664.1.0.1699545664.60.0.0
.openx.net/ Name: i
Value: d7598a96-61ae-4170-a6e1-9d0a2f50c8af|1699545664
.thestar.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.thestar.com/ Name: _gid
Value: GA1.2.667537596.1699545665
.thestar.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.viafoura.co/ Name: VfSess
Value: 78g7b6943ksm4npvc7fiv987t4
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
www.thestar.com/ Name: _vfz
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.1699545665.1.medium=direct|source=|sharer_uuid=|terms=
.thestar.com/ Name: _vfa
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.048060b6-7402-4aa6-ab30-fb71bf251aee.1699545665.1699545665.1699545665.1
.thestar.com/ Name: _vfb
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.2..1699545665....
.scorecardresearch.com/ Name: UID
Value: 148a63e6f9d49404edc46181699545665
.google.com/ Name: NID
Value: 511=bPz8NWO97rVtlhkmUB-W_9gctYo5CcOZ30rMq6lbJkhFQ9Y6mfLXz2m584QNrT5li1bdocel8WbVCszIEmjVH67IC9rpoOr7yIaCYxhv3uYphYF1rejs8MtZvO9e9Ak76C9quM3eTqsHa9cxouyLPEt9IzQa1u8LkFg_d5KSW5M
.linkedin.com/ Name: li_sugr
Value: 1d0a5c77-3a07-46a0-b598-900794eeeff8
.linkedin.com/ Name: bcookie
Value: "v=2&6e0589ad-8a97-499b-860d-f49883a1c67f"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2625:u=1:x=1:i=1699545665:t=1699632065:v=2:sig=AQHXEL0CkupjhV8raF_ep0rFFhlEqpyH"
.linkedin.com/ Name: UserMatchHistory
Value: AQJF79aNWYODhwAAAYu00M8QIi3D--t2VXQgv4MGy8c1felmPrBHrDrBgiQJQ-NG3px60wttBT6EmQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLclWPFVTroAQAAAYu00M8QmjcOHKfauA8fLKOfi6d0AUBuMrCnypOfaSd0rVBjldGOX_G44RtQEpOhSFGxPg
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023110916010501996774-5f08-446f-8923-fccfefb1a026AQEqRrmvd_t6MGEcr_GTDrTtjj55zuG7"
.thestar.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1699545665518%2C%22slts%22:0}
.thestar.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=a85c6559b7a0b80feb8a53954fc812ec%22%2C%22session_count%22:1%2C%22last_session_ts%22:1699545665518}
.thestar.com/ Name: _uetsid
Value: 304938a07f1911ee9743efe96d630378
.thestar.com/ Name: _uetvid
Value: 304942c07f1911eeb76dff5dd28ba98a
.thestar.com/ Name: s_ecid
Value: MCMID%7C23253054339528186421510781647711301545
.bing.com/ Name: MUID
Value: 2FF868A3B35467C414B87B67B22A66F2
.bat.bing.com/ Name: MR
Value: 0
.thestar.com/ Name: s_cc
Value: true
.thestar.com/ Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19671%7CMCMID%7C23253054339528186421510781647711301545%7CMCAAMLH-1700150464%7C7%7CMCAAMB-1700150464%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1699552865s%7CNONE%7CMCSYNCSOP%7C411-19678%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.doubleclick.net/ Name: IDE
Value: AHWqTUn78i2TEPThhI9miNxEC7Ae3O5Pa_HMFF6yif8nbNYyvyuqaQ2hdieShETyYg8
.thestar.com/ Name: ajs_anonymous_id
Value: eeb53fcb-f295-4998-8591-0dc5bb94d9f0
.thestar.com/ Name: __gads
Value: ID=272e3ccd4288d34f:T=1699545666:RT=1699545666:S=ALNI_MaQznqGbBO68Jsm3Rzj2f5iV-K8Sg
.thestar.com/ Name: __gpi
Value: UID=00000da0e5e97a0b:T=1699545666:RT=1699545666:S=ALNI_MZccT5uuipQ8isAPb3jPwC_m-V36Q
.adnxs.com/ Name: uuid2
Value: 8507598715724842454
.doubleclick.net/ Name: APC
Value: AfxxVi59273YFllYMVzsZ9zAqHiYMniH2AvNN2fA47H7Hwveo7lxfA
.sharethrough.com/ Name: stx_user_id
Value: 819da1a7-57f0-4f4f-8965-ea3aba357dc9
.casalemedia.com/ Name: CMPS
Value: 127
.casalemedia.com/ Name: CMID
Value: ZU0CQ9qyGuInIM9GfysSCAAA
.casalemedia.com/ Name: CMPRO
Value: 127
.pinterest.com/ Name: ar_debug
Value: 1
.thestar.com/ Name: _pin_unauth
Value: dWlkPVpURmxZalEwTlRrdFlqTTNOaTAwWmpNM0xUbGhaamN0Tm1OaE1UVXpOVGsyT1RZMA
.teads.tv/ Name: tt_viewer
Value: 16a6ea39-d592-4a20-9077-18b50226069c
.id5-sync.com/ Name: id5
Value: 9b898486-6d54-7f6d-aa6f-5013d912a5fe#1699545668567#2
.id5-sync.com/ Name: 3pi
Value:
.adingo.jp/ Name: ID
Value: aaab324b61297eeb30ef6babcf1565e1
.viafoura.co/ Name: vfDeviceId
Value: e810aa8e-caec-47ae-a8f3-c5837168cd48
.mediago.io/ Name: __mguid_
Value: 4df39c49018bf5b81a83pb00lordm0lt
.freeskreen.com/ Name: a
Value: "Mjc9MXx8Ow=="
.freeskreen.com/ Name: fsk_retargeting
Value: VjM0S0tMcXdwbjVBakllbFRSVGdmemtWZFNiMjNicDJ8Vkc5eWIyNTBiMU4wWVhJ
.tremorhub.com/ Name: tvid
Value: 7d924210a71944209ca74cb5888df183
.tremorhub.com/ Name: tvssa
Value: 1699545671677
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 104685=5709121
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 4931313997601554858
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500020318%3B%24ql%3DUnknown%3B%24qpc%3Dm3h+6a7%3B%24qt%3D93_2124_19080t%3B%24dma%3D0&c=1&l=-350880254&lo=1049373650&lt=638351424717090914&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500020318%3B%24ql%3DUnknown%3B%24qpc%3Dm3h+6a7%3B%24qt%3D93_2124_19080t%3B%24dma%3D0
.exelator.com/ Name: EE
Value: "938d24a76287bd1f94858a72632d41ab"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHS2CLFyCTR3MzIwjwpxTDN0sTC1CLR3MjM2CjFxDAxaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6ImfHxUUpaQyLSopPBR%252B9lQEAcx4qFw%253D%253D"
.rubiconproject.com/ Name: khaos
Value: LORDM2OO-M-J4Q
.adnxs.com/ Name: anj
Value: dTM7k!M40]DYRWSF']wIg2Hb^v?QfF!2(6*(<j<dINiYhTyXnfi8FW/eU=]U_/IzxkA`o'mq/BOe%!'M[IE*ygIh1I(j#iP(Md8i-=to)BcWf:8vbqDww3PGarCd:!nM1oQEVk`!$JO8$97e*
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPUkRNMk9PLU0tSjRRIiwiZXhwaXJlcyI6IjIwMjQtMDItMDdUMTY6MDE6MTRaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTEtMDlUMTY6MDE6MTRaIn0=
.primis.tech/ Name: csuuid
Value: 654d024a49278
.adsrvr.org/ Name: TDID
Value: ff32ddd3-56d7-465f-8ca1-922801504d6f
.tapad.com/ Name: TapAd_TS
Value: 1699545674310
.tapad.com/ Name: TapAd_DID
Value: 8f9e76cb-fc61-436c-b49b-48e9198f1182
.yahoo.com/ Name: A3
Value: d=AQABBEoCTWUCENN-YLlLdpz2lyZ6FED33PIFEgEBAQFTTmVWZQAAAAAA_eMAAA&S=AQAAAkr6q5_TWW8RUQ7_sHKMMhE
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ipredictive.com/ Name: cu
Value: 5545f322-0164-43ee-b0db-2be96d5d2763|1699545674427
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2eyg:19e0~2eyg"
.owneriq.net/ Name: si
Value: Q7528320741338974383P
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.intentiq.com/ Name: intentIQ
Value: vL4bYB9fAR
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdjg0UndN
.intentiq.com/ Name: intentIQCDate
Value: 1699545674755
.intentiq.com/ Name: IQPData
Value: 1040393296#1699545674752#0#1699545674752
.intentiq.com/ Name: ASDT
Value: 0
.hb.yahoo.net/ Name: visitor-id
Value: 3425472749329676000V10
.hb.yahoo.net/ Name: data-mag
Value: LORDM2OO-M-J4Q~~63
.zemanta.com/ Name: zuid
Value: uQow3OYla09ZVJwGsVAA
.bidr.io/ Name: bito
Value: AAFFR07KmgUAABM19mn2rw
.bidr.io/ Name: bitoIsSecure
Value: ok
.mfadsrvr.com/ Name: tuuid
Value: a8cd2131-9b1e-4c7d-b7dd-c2b982cd9ef2
.mfadsrvr.com/ Name: c
Value: 1699545675
.mfadsrvr.com/ Name: tuuid_lu
Value: 1699545675
.mfadsrvr.com/ Name: ssh
Value: !google,1699545675
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 25c856e5-c671-4bba-8f01-7968bd65ea29
.prebid.a-mo.net/ Name: sd_amuid2
Value: 25c856e5-c671-4bba-8f01-7968bd65ea29
.amazon-adsystem.com/ Name: ad-id
Value: A1vko7jrOEvbjbBm28Pk58Q
.freeskreen.com/ Name: scmtid
Value: "dGxyaWQ9N2Q5MjQyMTBhNzE5NDQyMDljYTc0Y2I1ODg4ZGYxODN8MTY5OTU0NTY3MTc0MiZzYWlkPTQ5MzEzMTM5OTc2MDE1NTQ4NTh8MTY5OTU0NTY3NDU5NiZzY21pZD1lZ2JiaGdmZWZqamdiUGxXTDFCU0VLdHwxNjk5NTQ1NjcxMTY0Jm1naWQ9TE9SRE0yT08tTS1KNFF8MTY5OTU0NTY3NzE5MCZuaWQ9OTM4ZDI0YTc2Mjg3YmQxZjk0ODU4YTcyNjMyZDQxYWJ8MTY5OTU0NTY3MjIxOQ=="
.thestar.com/ Name: _rdt_uuid
Value: 1699545679940.2c146d2e-82f7-4c71-bd15-9e2f96e8a17f
.t.co/ Name: muc_ads
Value: d006fc9b-66c4-4916-a8db-8c2b294c2c25
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169954568015684553
.twitter.com/ Name: guest_id_ads
Value: v1%3A169954568015684553
.twitter.com/ Name: personalization_id
Value: "v1_aX4GFqnCNJoxwtkgloA8fQ=="
.twitter.com/ Name: guest_id
Value: v1%3A169954568015684553
.thestar.com/ Name: _fbp
Value: fb.1.1699545680293.508334996
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCKCU8J_k0bA8EAUSGwoMc2hhcmV0aHJvdWdoEgsIrJ2C2eTRsDwQBRgBIAEoAjILCNaThYb70bA8EAU4AVoMc2hhcmV0aHJvdWdoYAI.
.rubiconproject.com/ Name: audit
Value: 1|tCEBxRqn6ASkYs0eCR3G74MOQtgOFTOzKEN8AvCe9HEKtsAeL0Ec/4jfVFHa2OhDJm1tEw2quDRS8G+dhi1GhVEzNmZkqoUp
.turn.com/ Name: uid
Value: 8329712340727933454
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ff47eeb8-c485-4c41-a579-a06c6c58d590-005%22%7D
.thestar.com/ Name: _gat_UA-73335503-1
Value: 1
.thestar.com/ Name: _gat_UA-70431129-1
Value: 1
.thestar.com/ Name: local_ga_B4CQN4KW3R
Value: GS1.1.1699545681.1.0.1699545681.60.0.0
.thestar.com/ Name: local_ga
Value: GA1.1.794087290.1699545665
.thestar.com/ Name: _ga_6FZFMVVWVN
Value: GS1.1.1699545681.1.0.1699545681.60.0.0
.thestar.com/ Name: _ga
Value: GA1.1.794087290.1699545665
.3lift.com/ Name: tluid
Value: 1783277742367793578616
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2285B7D4C7-896D-40EE-2DC6-7AEFE1BB3730%22%7D

3 Console Messages

Source Level URL
Text
network error URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.offer.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.googletagmanager.com/gtm.js?id=
Message:
Failed to load resource: the server responded with a status of 400 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
15577298100cf54c2ac98cf4a0f725fa.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.travelaudience.com
adservice.google.com
alb.reddit.com
ampcid.google.ca
ampcid.google.com
analytics.google.com
analytics.twitter.com
api.btloader.com
api.permutive.com
api.segment.io
api.viafoura.co
b1sync.zemanta.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
bloximages.chicago2.vip.townnews.com
btloader.com
c.amazon-adsystem.com
cc.adingo.jp
cdn.id5-sync.com
cdn.parsely.com
cdn.petametrics.com
cdn.prod.uidapi.com
cdn.segment.com
cdn.viafoura.net
cm.everesttech.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
cs.admanmedia.com
ct.pinterest.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.yahoo.net
i.viafoura.co
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
live.primis.tech
loadeu.exelator.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mia-placement-server.rubiconproject.com
news.google.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.thestar.com
play.google.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
px.ads.linkedin.com
px.owneriq.net
query.petametrics.com
r2---sn-tt1elnel.c.2mdn.net
resources.thestar.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.pinimg.com
s.thestar.com
s0.2mdn.net
s3.us-west-2.amazonaws.com
sb.freeskreen.com
sb.scorecardresearch.com
scm.publishers.tremorhub.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
snap.licdn.com
ssbsync.smartadserver.com
static.ads-twitter.com
static.freeskreen.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync1.intentiq.com
t.co
thestar.ca
thestar.cloud.optable.co
thestar.solutions.cdn.optable.co
token.rubiconproject.com
torontostarnewspaperslimited.demdex.net
torstar.gscontxt.net
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
ww1772.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
sync.inmobi.com
104.104.68.191
104.16.123.175
104.16.133.24
104.18.36.155
104.18.41.170
104.22.52.86
104.22.74.216
104.244.42.133
104.244.42.3
13.107.42.14
13.32.208.21
130.211.23.194
142.250.31.155
142.251.16.101
142.251.16.139
142.251.16.157
142.251.16.94
142.251.163.148
142.251.163.155
142.251.163.97
142.251.167.132
146.75.28.157
147.28.129.140
151.101.1.140
151.101.194.49
151.101.65.140
151.139.128.10
152.70.51.45
162.19.138.82
172.253.115.138
172.253.115.148
172.253.115.155
172.253.115.94
172.253.122.95
172.253.62.105
172.253.62.132
172.253.62.154
172.253.62.84
172.253.63.149
172.253.63.94
172.67.69.19
18.154.227.100
18.160.10.101
18.160.23.201
18.208.90.251
18.67.76.86
192.104.182.109
192.206.144.180
199.127.204.171
204.79.197.200
216.22.16.1
216.22.16.56
216.239.32.181
216.239.36.178
23.218.218.176
23.218.218.181
23.220.117.6
23.220.136.202
23.48.146.102
23.55.205.47
23.61.60.237
23.83.76.69
3.162.111.130
3.224.218.221
3.225.47.189
3.33.220.150
31.13.66.19
31.13.66.35
34.102.146.192
34.107.254.252
34.111.113.62
34.120.107.143
34.149.155.241
34.160.43.93
34.200.65.202
34.229.3.43
34.236.86.219
34.238.209.237
35.160.151.220
35.186.253.211
35.190.0.66
35.190.14.224
35.207.24.140
35.208.249.213
35.241.9.51
35.244.159.8
35.71.139.29
44.207.229.222
50.116.194.21
50.31.142.159
51.222.39.184
52.21.198.14
52.218.250.32
52.45.243.144
52.46.151.131
52.6.250.117
52.85.131.58
52.85.132.46
52.85.150.3
52.85.151.129
52.85.151.85
52.94.220.185
54.144.144.142
54.147.69.123
54.152.118.221
54.158.26.120
54.227.202.190
54.88.66.11
63.140.38.219
68.67.160.186
69.173.151.100
74.125.0.7
8.28.7.81
8.39.36.141
8.43.72.97
80.77.87.162
99.84.222.71
99.86.191.237
02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26
02ddb2b63946a8b255d5098db79cb2e79a83cabaffc51acd7948ed04e87a1e63
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
041ee407acc52f80ff004eb3e813605ec18f450eb3290d7358b3544457509d9f
04492f71fb6251dcf88c48f3a0de6beb943b7e79a1c666f370df75cf2b3d0733
045343509abacbc00f8ea3b833be387f99ee2f2d14b3be1e76cc2a76f2ae0d9f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0e51d53b4513a76861c42a278ecb208963d19159bd9077c004a980393cb858c9
0fd311a7c211ca8561ab85c9491d9d5e5b0c1efa52c2187881fccc208a870eee
115c8f8f8704f0a12c47f478200552a56fef3d60efec25acbfcd3d2972901027
11838476fbbbecd7c257656f9c6ffddfd5e7fe6aa99212476625fa82bf940093
12980895e3b0c5aa5fb5e7766fcf3fc0acdb1779e0411161f807350474c7b7ef
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
14db1e5d48bb5068b105ab6eec9e41983ec18dd0f1eb903a7fde3255016abc73
1612d90c1d9c22035e01a7c4fb758a0b30fb477884e93e74c0e46bae56129a22
190e1101cde57367a86dd7f3df29194cf2b78968948c793f424d5f144897b9b7
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b29af82ad757fab4ab348e30008412ea6380c49637bff2366212fbd7d6ea236
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d287075a8301383c3ee89e522fb146f041dcb1cceeda237f5b684803f72abbe
214afbfa73ab4d9667ec286d846fbe886fe595a4654d8c53dab2602a8345cb98
22167055c96bcbbf5f60bc5f90b48e8f27f6f3011f1685328d56f1a43458b1eb
254b425c8287494d9cf74279575842918beb0183c01ef4393abe5c4ca2b6cc40
25ea521cb3580e57b11ff127db82ccaba78a9538a4179ae6705a935fd34a03b3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
28e3ae9ba348988c0237bd6a8a1abc8e88a8bef3e09fdbb6b87c958811919942
29377d5ef8029ac1db67631d85f7f607c9aaed6156fe4196907da440473cafed
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2b2d17830e77c86c0a2e4b6ff4b2bbf29f40a82a67ef21ca47fbd81f1143844e
2c070f1f68beb6e37a675f9863ef687aab4b22a195d55fc208f060fd5e21b186
2d3c0380882f972a925d968508d24712258b0101229d2610dd94060ef437671e
2d4fbf5b6c9b115d1a0c5afb70d570151070cbaec743985b8a6e66b1aee63fa1
2d6c28acd623695660f4aa9985cd7b8586cac0e8d10697d23bb05f4b1686ab4a
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
307f8539eef91d45c1a976a796b695f552d1cb852735093d6f98df27ec2373d9
313963d64c00b096563a43f9856ae5fcb8aeba67d3a808d23171e8455198ebc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33998370d239e34ca2bbaeec24d6e1be2a063da533c00fcc649f7a3f3ea1ada9
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37f23c44262cc250e7c455aaeb0e50b0ad81a5d6c48f935daee2e3d6fce7f136
38fd5e1667a3b3d67b25d595f6e73a8e52b7cbe691ec11777a0b8ea1426b7ab0
39af5bc38f03afb9bbcacadacdf8ce2adc5f6745217ef8868696c6cb38e2bfe0
3bd5379e2ae6334835fd673237c31ad2cd14fce6b3dc02c99b7205ca9556186a
3bd7f0737d318be93dd3adc42bf524d469962623952d260e2c1c6cdf90f0f196
3c746fb9e00d902dff2611587b97158ec62bf8122e91eefb718f06c64eaf3c18
3d9bf3c7c5328cca0b634dfe8af544c3c5fc04e3a0a890a73c5a063a7ea2c856
3dbb54f00210789524e7a7681d87ab665cd80d3727084fbb42b9e31fe2ff6612
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405c4550c8b2401dde63474ed294096f926f4247df590187152a808ddf7dfc22
42b58a8790c9264d5d0b1fa725e4127fdc23449cb76f878901f357a9cb450f56
42bfa84a9a1eaa20f1b08dc0e4979611311d2381155a1c7da5170f7a55000086
4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
477fb1725dbbf36ecea68082b558ee6cb863ef2516d93e969fc262193d60cc31
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
482fbbb5668853c9a68de548cb9510098ba763892e9739edbf6c0e40a4dc57b4
48d381985423e4f82fe58ff4005815c717a55077b9c9e78396906a9f0821ebaf
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
491db333910d8dea0ead4180be995a2df610c3d02bcd11817f9bfd24bcc38dae
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815
4dc3a5ba6e8f6883d42c2affa4a5db6bf56dde9c97a4814567b3444cab78c748
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fad6f434e07a7b7a8ce0c5132a48c29dfc92228f23ab78e1d2e801228cf1cb0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5058b699155066f02bf0e60da5abb4c6a5284d0bd6a07b8c9ec51bbed7e11f04
516743678b07edcf236561fed911dd419248fe4e6ae651c201b2fbd90f2572b9
53426bb3fb09b76cd18d82e241a6b581cd187e3c2c355abda74a072b46a68b95
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5484ecf43135d45c32cfab5330368b4e28860ed71a20f904db53a71e54ba6fe5
556d7f40adb462fc4a6a8373696a4e53a63c0d6df011afef3c92ec2599e9bb1a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58712d0ecb9172e49a0868a4369b34210752e14c62cb4a279c48e41f6bbfd3f4
590220bec8184c81b82a7f288fbe0c2fb6045204a6e42535ec878dfb4069c13c
595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748
597cf1adbafca51f41aedfbdc509c2e15e81382778e096b1398c66cda6865f2d
599ad3d38d3be0b776825cf6296bd4eb99ed608fadea0b7bd8e37a626c338cd1
5a4ea9b8dd197b142ad159a4bbcc69c726ba89aee1b58118dd21f986979ee7d3
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5b79ef0d77339903f488a4cbe714a44abf6ea8ce6103607621b445ae3df3d14a
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
602b2f3c4f911d31f8c395dd02670adf1f506421caed47e470341be496c97dc9
6086afbf333f1fbebe5a1badd8969949561253901a871d956263b9b7c3f5268f
617305a5e9d96e9b88a4561e9d034d76d5209d5eba40c87347ea89cac307a800
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63361eae08552196b908a442e90b9844cff15fe33e7b7c942a20469d1b1e9aa2
6343d35b0d4623c749d1adf4b408899990ed9461f512292524cb57c0b8d1130a
64295b28df418cd23c98214bb8589db3eb449f78a61e70d373cc7c7bc75e2fc3
64c1bafca557f6722d99e4374ba17e5946bb47e22d92eb7d19aac39b609e7f2a
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d
67999af8cf3192a110c9ea04c5cebfe462ca1f97fa462698b01255522909044b
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2
69c3e628ea4efaec17c3296b180c8efd1b6ea6f457f5f39e6013da8c4595d0d6
69c5ca4015f3d5ab50da17f4b6faca822d0f65a9cfee939ea50d8fcd3754bae4
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b22acf3b276d3f419653cda2fcd12b7a8c87d2b0b34e44511b60a23ab72d7e6
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
71f58e08e6564339f6d9cc1d9cd4af8950b7598a4f94733edf1fe6058acdddb9
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7492f0bf86f7bceee459f108b48b10d6047f081db9b1fbc2d7896159c1f7c622
7577f11380640233880201f9a76dbec05d924583d497ccbe50f4d208151044b9
7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f
770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
79f19be4d1241ea42837ed32fb07fe4e95101a703aa70cab90c6421a585fe52c
7b83a890d7505000802a345b42875f421e15ee462b166a33e96acff939c1c671
7bb05bc0a6f02c90de52b1a2600ee3524a379b0a1bc01b14079b2c19371c1af1
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
7dd8a324294b0b2f35794fcf3c8d92f192fc0f33bdd632409da909a537ddce8d
80eeb74f0f51a81b7f5aef39b1b20fe9f60700ebeb80806c47e56b8f2c28a77c
820babb5881aa4781dc2371b14e05790d8d34e36ce9492a0e9ae76760dd386ed
82d269c32d0e180ca534701750f7cf50b90c77f5a42c59efa01f055c2ab48706
85e1ef3c0d8442b0131cdc81c03f99a175a6b6cd326c8166a5867d1bf15a37d3
888965523fdb6625c141134ac6607f96a9162eecfd4055751370f0d6e249f088
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
8a8fadfdebcc65982f3ec100c3ef0c3e23f0ebe1c2475b075875afd9f44e352e
8a90b0671824ba6a611cc2355c410362feb93c4ed36054eacd93374f9c9f91a0
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8bba9687afeda017cbf549538f5433e397e901a3b452306988a7999db6f1a8ce
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
9392fa59d0748d155f566eae1218e64a9e83c12cefe064f15fe7830e569e9291
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94f4391231c7017c7b3ca3ac3e2347d46f61562979c0fff52c0b1ed7bd191b74
95fc1250bd322a0805b0fa4cb59cb718c3e4df9939de2177d723b2b4ec0fa01a
9735fbe1f6c8e1f808e3f2a1b503043c39768121192d243c989daa43442adb77
982e893e07611329334c180425e08538f91888d595e92be19fea7f5022677063
990c2778b0648232adba8272c8caf79bccd7b6a1d540a7396b75de0518eb660e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0325ef3b63cfd8058d8ef9acc2903dc4a79aba6c8947117498739e12922ee1
9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c
9d2ada968c3f319260779a78b183774c0f7e35e40f71574f35f8c25e51fc5fdc
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a0cc56e49ecff33f35ae493afe098a3e219dc5cc9c880795c55b0fb2684d13c4
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2a45f6124b183effa478f0756c2751459282557677ccd4a71aa06e6ce5a9397
a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd
a350ff915bd9f6a23c74a2aff9a835c5074f8dac8810174ec05bbb984a2feb26
a48b0246d267174fe105974626461384259025996252802c7b04bbda691440e2
a49068e449a8410b19ffa987353b8b5101de02db99a5f5d128dfa44c014a2661
a4d275aadec8140dbcece4a126cb84dd95bb44d0937a0d3426865892cac7443f
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aadfdde0a0aea4dd6e3bfb60868f546b2e30db7f8d5b3549af99915a8e7294f9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
b05016baa9261cc2c9cd5fe41770498f5d119684e2d1895da76d9d0b6a2e80e7
b0fce4ae8fa4e3b4dd86eb2bb7b52671f72762e83abe677f7cd8f5a7e8ae0c78
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b267136601da10ffc06958cb25d4d4cd7e8f01ce21c01172de9022ee59e68a09
b3e7087e228be3a58b28db80acc7ba4d178749326af5386b4b754f1160b6b44a
b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b7f817d35152e6280e12fa0a2895ec47b65085df83867b00d766f9a0e5595a37
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bbf68a0da26f2137d981e90dc41fd86a76dbf9bd84c3a78f07898f98f32320be
bc11a14fb7bab54ef611f95e8907b23ba3984fc9ad785e5cbea7f900a0c49d58
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bd07d700ee84ac07df30d7365d6c7a31a2479f53b2c47d3878c9c4ec272ca751
bd2b54f01332bcc1035c71f1750b16c35a30616d8926a6cc856208de7af1d1ce
c1f7fe8fd7e54542eee6f80c6c3f556b624b0848dea3e8830fd032073dbb7065
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ab34321ef0a61378759396e72284c4ee6c055bf11521b655d1e5b5a435a8b5
c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257
c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9
c6d603c605c9e07062ffeba7c47a81e19c4f8c05604c6474371f4ad8b654c758
c9210e1a42a369783a55ae0d49757d7de213e652f1063943754479429f71a364
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbd685395faa77ed84f4c14961c0e66e1126b8e7379547968edc11f8e3b00db2
cc7e1c6831c401711fca60deaac8ca16e9e2c88857eec927f2282894bb952839
cdfb68747a5a7f47a19fd9a95319d9671d86edabd9100f89daf7ef4ce32a45f0
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d187c2f511caf906a11bfcdff997ae61a758b171420725cef499846cb8d42f07
d26d0d95e85b51179f6290ce2330913bddf874174104c5cf46b6c95f07be1972
d3e8f1eb1391780e4d77b2b47e6b25799bfccf566138ce3c3838989065a2776f
d4da984ab14861fd17c8ce218f016dee47960a7cbdd91981a8ea0987f57be5ca
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d554dac06f638d5bbe834d451558aaf25506b16f3d3af5a1ee038768bb74c51e
d683c982077343a5bff3cb148b821aedc8ed3d22b6d34a852f486b2b6e76484c
d867d176ec313a1231410e0153d440ad5bdc9ec278629bc962ec6566b79ef989
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db3007c3896c302146414fe3d1fe737a09c96192c7f5e3aa51bfbf28b347705d
dc641ae7c825aea8ec4c022f010f15395e91f0fbb6b898714794f59980162951
dd6bfbe8c2c202f6c7bc503cf35deddfa5d7997fb03b22366b9eb7d045358290
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3984198eb73078bb727320b1363493cdc3c1a74c10162e8182b344c5181ae0
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e1a82047434c3caf7219f9053a7c46c221750f04ef80b953622d082ac50c5fd3
e20d3bb0302faeb3b849681c8cc841396e341210c2098d6d212380ade5bd6e4d
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ab16511b01d7e83a22a158d03372717da03c39b91852186e64ced3fa6edccf
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e82d0fc54760c4309077150fcc0bd50950ed8efe85f1b62384b48ae55a0d2c35
e89864f92e9bb2ccb8ef33e86cb028ce410e76ccd8bc7817890c419c51c574df
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
eddcc5cab84e5e1b180f53219397eb8519eb4de0c0e4911db2abe838ef29fd03
ee19837fa1e3bc6c40b6713c42f4e48c62761624cfebafb4350e86c6679cc597
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cddd10894ab2aad1138f7cb5ce8597c7be4509e6b926499dbc09f0531ce9b4
f3b8878ff81bcceef1cd9a6d28040b9bcb020a2fcb572320897b8affe4f15f88
f4b031d8972e188ff6ca3d1baa52fedb1991125c215e092757dda6b9eca29c3e
f76ddc67969b7947ccfb65e1dfa7295eea4634f7b076c3071530136a4341f0ba
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f898b60ab19b145b336d5e29eecf0c6e0f271578acd7a0737254a67c5978804a
f8c4fb124d245ed0f88903cfc511d6ce618fb61f344ce578ffcbbc5d00294083
fa78e1259ba46c298dbd5ffc6d0507982f4af2987667b967219e874f7e0cd8e9
fab3a5b45c07012708c6ad1649345d90396f7be12a822c5bb68f2ecb88d429bf
fbc774cb96be46cab2c4f68a761ba7f4b5cfa0bd2d7a9487e1fbed4b60e547c5