www.thestar.com Open in urlscan Pro
143.204.98.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On March 02 via api (March 2nd 2022, 5:57:21 pm UTC) from US — Scanned from DE

Summary HTTP 360 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 95 IPs in 12 countries across 73 domains to perform 360 HTTP transactions. The main IP is 143.204.98.71, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 80441.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 20th 2021. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	143.204.98.119 143.204.98.119	16509 (AMAZON-02) (AMAZON-02)
2 51	143.204.98.71 143.204.98.71	16509 (AMAZON-02) (AMAZON-02)
3	143.204.98.19 143.204.98.19	16509 (AMAZON-02) (AMAZON-02)
9	18.64.79.97 18.64.79.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
13	18.64.115.128 18.64.115.128	16509 (AMAZON-02) (AMAZON-02)
1 3	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	50.16.19.147 50.16.19.147	14618 (AMAZON-AES) (AMAZON-AES)
1	158.101.193.158 158.101.193.158	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	13.224.189.108 13.224.189.108	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	143.204.101.28 143.204.101.28	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 4	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
7	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2.20.85.164 2.20.85.164	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.48.241.99 52.48.241.99	16509 (AMAZON-02) (AMAZON-02)
4	143.204.98.25 143.204.98.25	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
1	65.9.84.101 65.9.84.101	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.224 143.204.101.224	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	18.64.79.176 18.64.79.176	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	54.194.228.85 54.194.228.85	16509 (AMAZON-02) (AMAZON-02)
2 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:170... 2a02:26f0:1700:5::5f65:1b5a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.212.211.89 52.212.211.89	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	54.75.68.230 54.75.68.230	16509 (AMAZON-02) (AMAZON-02)
1	143.204.103.127 143.204.103.127	16509 (AMAZON-02) (AMAZON-02)
20	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	52.139.4.139 52.139.4.139	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
14	34.249.87.8 34.249.87.8	16509 (AMAZON-02) (AMAZON-02)
2	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
5	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
3	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	143.204.98.61 143.204.98.61	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
9	2a02:26f0:170... 2a02:26f0:1700:5::5f65:1b69	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:710... 2a02:26f0:7100:1b2::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.251.36.34 142.251.36.34	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	2a02:26f0:170... 2a02:26f0:1700:5::5f65:1b62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	184.30.24.193 184.30.24.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.16.186.8 2.16.186.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
2 2	3.124.249.183 3.124.249.183	16509 (AMAZON-02) (AMAZON-02)
2 2	54.170.158.38 54.170.158.38	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	54.154.22.197 54.154.22.197	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	63.251.14.3 63.251.14.3	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
8	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 1	18.184.187.38 18.184.187.38	16509 (AMAZON-02) (AMAZON-02)
2 2	52.213.253.251 52.213.253.251	16509 (AMAZON-02) (AMAZON-02)
360	95

1 143.204.98.119 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-119.fra50.r.cloudfront.net

thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 143.204.98.71 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-19.fra50.r.cloudfront.net

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.64.79.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-97.txl50.r.cloudfront.net

e377.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.64.115.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-128.txl50.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.136.157 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.19.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-19-147.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.101.193.158 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.189.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-108.fra2.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-28.fra50.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.20.85.164 (Milan, Italy) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

hb.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.241.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-25.fra50.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.86 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-84-101.ams1.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-224.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.64.79.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-176.txl50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.228.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-228-85.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:1700:5::5f65:1b5a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.211.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-211-89.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.68.230 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-68-230.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-127.fra50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.139.4.139 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

data.ontario.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.249.87.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

torontostar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-61.fra50.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:1700:5::5f65:1b69 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1b2::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.36.34 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:1700:5::5f65:1b62 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.24.193 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-8.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.249.183 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-249-183.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.158.38 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.22.197 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-22-197.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.14.3 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.24 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.63 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1957 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.187.38 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-187-38.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.253.251 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-253-251.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	thestar.com 3 redirects thestar.com — Cisco Umbrella Rank: 51245 www.thestar.com — Cisco Umbrella Rank: 80441 e377.thestar.com — Cisco Umbrella Rank: 231541 images.thestar.com — Cisco Umbrella Rank: 79028 resources.thestar.com — Cisco Umbrella Rank: 183385 misc.thestar.com — Cisco Umbrella Rank: 563718 s.thestar.com — Cisco Umbrella Rank: 242030 api.thestar.com — Cisco Umbrella Rank: 245916	2 MB
34	sportradar.com widgets.media.sportradar.com — Cisco Umbrella Rank: 80245 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 292778 img.sportradar.com — Cisco Umbrella Rank: 138078	727 KB
21	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 9193 query.petametrics.com — Cisco Umbrella Rank: 9963	65 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 pix.eu.criteo.net — Cisco Umbrella Rank: 7328 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	168 KB
17	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 49342 elb.the-ozone-project.com — Cisco Umbrella Rank: 9346	96 KB
14	googlesyndication.com 422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	60 KB
14	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 298356 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 181 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	166 KB
13	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 419 image6.pubmatic.com — Cisco Umbrella Rank: 571 simage2.pubmatic.com — Cisco Umbrella Rank: 554 image2.pubmatic.com — Cisco Umbrella Rank: 774 image4.pubmatic.com — Cisco Umbrella Rank: 765 simage4.pubmatic.com	27 KB
10	moatads.com sejs.moatads.com — Cisco Umbrella Rank: 4525 z.moatads.com — Cisco Umbrella Rank: 329 mb.moatads.com — Cisco Umbrella Rank: 587 px.moatads.com — Cisco Umbrella Rank: 392	145 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 secure.adnxs.com — Cisco Umbrella Rank: 359	6 KB
6	clarity.ms 1 redirects h.clarity.ms — Cisco Umbrella Rank: 1867 c.clarity.ms — Cisco Umbrella Rank: 547	24 KB
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 38076	26 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4445	110 KB
5	adform.net 3 redirects cm.adform.net — Cisco Umbrella Rank: 1775 c1.adform.net — Cisco Umbrella Rank: 524	2 KB
5	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 682	660 B
5	permutive.com api.permutive.com — Cisco Umbrella Rank: 1691	816 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	225 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 434 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 5153	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 338 c.bing.com — Cisco Umbrella Rank: 193	13 KB
4	pinterest.de www.pinterest.de — Cisco Umbrella Rank: 30731	14 KB
4	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9430 dis.criteo.com — Cisco Umbrella Rank: 617	53 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 409 as-sec.casalemedia.com — Cisco Umbrella Rank: 1068 ssum.casalemedia.com — Cisco Umbrella Rank: 1229	2 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 412 pixel.rubiconproject.com — Cisco Umbrella Rank: 289	3 KB
4	gstatic.com fonts.gstatic.com	118 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	40 KB
4	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 525 analytics.twitter.com — Cisco Umbrella Rank: 464	128 B
3	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 822 www.pinterest.com — Cisco Umbrella Rank: 1057	2 KB
3	ontario.ca data.ontario.ca — Cisco Umbrella Rank: 529232	92 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
3	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2441 p1.parsely.com — Cisco Umbrella Rank: 1953	26 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 821	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 293	2 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 184 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 219181	5 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 125	2 KB
3	t.co t.co — Cisco Umbrella Rank: 448	539 B
3	districtm.io hb.districtm.io — Cisco Umbrella Rank: 77133 dmx.districtm.io — Cisco Umbrella Rank: 1201	404 B
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 462	1 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1469 mwzeom.zeotap.com — Cisco Umbrella Rank: 1307	901 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4364	637 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 384	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 346	807 B
2	360yield.com 2 redirects ad2.360yield.com — Cisco Umbrella Rank: 19385	683 B
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 2494	1001 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 257	1 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 799	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 687	19 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	425 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	1 KB
2	openx.net torontostar-d.openx.net — Cisco Umbrella Rank: 314773 rtb.openx.net — Cisco Umbrella Rank: 1359	788 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	66 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 238016	2 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 531	11 KB
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 559	260 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 707	610 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1868	398 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438	501 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 594	277 B
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2242	336 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1433	157 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1376	8 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 878	517 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 713	328 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 604	39 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 63407	789 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 254464	487 B
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 207012	428 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 199666	139 KB
360	73

	Domain	Requested by
51	www.thestar.com	2 redirects www.thestar.com
20	query.petametrics.com	www.thestar.com
18	img.sportradar.com	www.thestar.com
14	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com ads.pubmatic.com
13	images.thestar.com	www.thestar.com
10	pix.eu.criteo.net	ads.eu.criteo.com
9	uswidgets.fn.sportradar.com	widgets.media.sportradar.com
9	e377.thestar.com	www.thestar.com e377.thestar.com
8	resources.thestar.com	www.thestar.com resources.thestar.com
7	static.criteo.net	ads.eu.criteo.com
7	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	px.moatads.com	www.thestar.com
6	tpc.googlesyndication.com	422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	c2shb.ssp.yahoo.com	js-sec.indexww.com
5	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
5	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
4	cm.g.doubleclick.net	4 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	h.clarity.ms	bat.bing.com h.clarity.ms
4	www.pinterest.de	s.pinimg.com www.thestar.com
4	fonts.gstatic.com	fonts.googleapis.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.thestar.com
4	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
4	misc.thestar.com	www.thestar.com misc.thestar.com
4	ib.adnxs.com	2 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app js-sec.indexww.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	secure.adnxs.com	js-sec.indexww.com
3	fastlane.rubiconproject.com	js-sec.indexww.com
3	data.ontario.ca	misc.thestar.com
3	fonts.googleapis.com	misc.thestar.com client cdnjs.cloudflare.com
3	unpkg.com	2 redirects www.thestar.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	analytics.twitter.com	platform.twitter.com static.ads-twitter.com
3	sb.scorecardresearch.com	1 redirects www.thestar.com
3	t.co	www.thestar.com
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
2	match.prod.bidr.io	2 redirects
2	ssum.casalemedia.com	2 redirects
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	ads.pubmatic.com	elb.the-ozone-project.com ads.pubmatic.com
2	eb2.3lift.com	2 redirects
2	ad2.360yield.com	2 redirects
2	ads.avct.cloud	2 redirects
2	x.bidswitch.net	2 redirects
2	c.clarity.ms	1 redirects
2	px.ads.linkedin.com	2 redirects
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	ct.pinterest.com	s.pinimg.com www.thestar.com
2	www.google.com	www.thestar.com tpc.googlesyndication.com
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	www.facebook.com	www.thestar.com
2	422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 10230056.fls.doubleclick.net
2	api.thestar.com	www.thestar.com
2	dmx.districtm.io	js-sec.indexww.com
2	p1.parsely.com	www.thestar.com
2	s.thestar.com	resources.thestar.com
2	www.googletagservices.com	www.thestar.com 422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	connect.facebook.net	www.thestar.com connect.facebook.net
2	z.moatads.com	www.thestar.com sejs.moatads.com
2	torstar.blueconic.net	e377.thestar.com
2	static.ads-twitter.com	www.thestar.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	match.sharethrough.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	pixel.rubiconproject.com
1	ap.lijit.com
1	ssbsync-global.smartadserver.com	1 redirects
1	rtb.openx.net
1	cm.adform.net
1	c.bing.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	alb.reddit.com
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	ad.doubleclick.net	www.thestar.com
1	www.redditstatic.com	www.googletagmanager.com
1	www.pinterest.com	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	www.google.de	www.thestar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	ads.eu.criteo.com	422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	www.thestar.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	js-sec.indexww.com
1	torontostar-d.openx.net	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	api.rlcdn.com	js-sec.indexww.com
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	mb.moatads.com	sejs.moatads.com
1	hb.districtm.io	www.thestar.com
1	js-sec.indexww.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	torstar.gscontxt.net	www.thestar.com
1	platform.twitter.com	1 redirects
1	sejs.moatads.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
1	thestar.com	1 redirects
360	125

This site contains links to these domains. Also see Links.

Domain
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2021-09-20` - `2022-10-19`	a year	crt.sh
*.the-ozone-project.com Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
bc.niagarafallsreview.ca Amazon	`2022-02-28` - `2023-03-29`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.blueconic.net Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.prmutv.co R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2021-02-15` - `2022-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-10` - `2022-03-10`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdn-stackpath.petametrics.com R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
widgets.media.sportradar.com R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-20` - `2022-08-20`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.liftigniter.com R3	`2022-01-26` - `2022-04-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
data.ontario.ca Entrust Certification Authority - L1K	`2021-10-01` - `2022-10-18`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2021-11-16` - `2022-12-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.ozpr.net Amazon	`2021-06-07` - `2022-07-06`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
fn.sportradar.com R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
img.sportradar.com R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: EF1863B65629A0F334BFB9DB1C0D9268
Requests: 264 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 3582593C7113350093E6209783634EF3
Requests: 1 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Frame ID: 239C0273AED4065DF4EC4844D44D64CA
Requests: 9 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: FE23EAF1A453019A9D4A319A0792D85B
Requests: 1 HTTP requests in this frame

Frame: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D520A7C079D4B25446CC0F88178E37AD
Requests: 1 HTTP requests in this frame

Frame: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 50D20C2C0F7CEB8871A13A4D96CAD2E2
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yh-v9wAI8BIHg4USAAzx5pHTdCJK3crm4HtHwg&u=%7CTosvDezxyhAdZKyZZoBL%2BKaZ1nQ%2FlzhJGAgGZno5GI8%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yL2KNorLLlVhXOr9r-YfMbqToIQMy6A2Hde-l7EDVHY6yVFJHE8vxrfjw0MQm327Jye6DKTMJc4kE_OZ7mTP86BeeR2rAp3T2q7cRbupxB2fRTLyNj6YguZbdvbvfBdQjG5crSBEvfavCwVq81-rq0kioImNp0Kv7lUDTFvKTDa-J2y2dQeEtG5XZA9igdp3w_6PmTA2FUqQgqNyh17NvtTZ5vWWvQShl9ojtj7-5_YQKV-l7aTIXCUJ44mhO5NoDhrWvv3H8WLyt5IO45k-x3jeUEk1kCfH1tZO0C55KsEsLd-ZEWf2jweLm9PsfXRPcVdALhjJLTZyej5CVY6GCEipY34sn8D75Tw6d29nr2VUR5SlOvIiHgT8seC0nmiWze4krtIo99T1w3w9tXH4FfDg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu0jb968fYpLgI5KKjuwP5uOz8AHJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpAqx3H5YvpLI-4AIAqAMBqgSPAk_QB9GaLCDK5XO88afb4b5VD7Fq97B2-OZiUTjO2XLCdedogRFdBplss4gZ7sVGGoYkUIQCud9NNUnvRG1hrpnjTxGhiF2THWZmz37NxeiBBRof9SHN0NeP9zpF7SgfIUHYCHo8L59Uy2n1UDnadhTBruKswXlU8LJF4xyM3PRg2BvGYLlu1d7a1l7WkwarbiSSNOn5H0_9Zdh0PS4YrgRWesFhXsUW1TVXl9ugRDvVVuUtNpsywbS4ZJ5-MZudZpA98kAHtyyyy2MTYxMVjbdrmCh9Ujh--t1YnmyorsV56qk4ufDr892yUw2ecQd56Wq4xKgBwsrejfYdIkcI1wA10Zpj__Caoyj8tkk_VIrgBAGABqS7oZPvx-DqbqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_07_2VTOVO63KUrPTMi90kU3haNVQ%26client%3Dca-pub-8188431425509997%26adurl%3D
Frame ID: A7AD4260036FC53366CBCCEC08A1A011
Requests: 26 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: C20D1B865C06171CACB49374296DAC4F
Requests: 2 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 0417393B5FAF6896B3205962388ADF65
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4ED32610CD93D3C2FE35B1815BB7EB15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 467A16D79C072BA1DE43057E534189EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 672AEA4877C6D8B829C3ABCF78967B1C
Requests: 2 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=ab6edd6d-e2f8-45ce-9686-7787ea46d15f&publisherId=TKN100000001&siteId=4204204311&cb=1646243831484&bidder=ozone
Frame ID: A7641F91D84F4A640E68F5F98F9A86A5
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: 769077E4113AB670A5C7661FB7FC552A
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B
Frame ID: 4EF1CE7DB3D7E5DADE38C953CCC3E159
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e802621f-affc-4400-9a35-45ec7271ff69&gdpr=0&gdpr_consent=
Frame ID: 9D9312ECFE25694556DD0477B8E60F7C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3789303753791213705
Frame ID: A314BAC87D0460F215597B3046A05521
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 679DCD9FD9684C960D0BDA86C952A174
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070563436872726668
Frame ID: 65E56BE76A8CD49DD439B6A22840CC98
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B
Frame ID: A09B9D6A4CD3E40C3A26A3501BBCA32F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

thestar.com | The Star | Canada's largest daily

Page URL History Show full URLs

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

360
Requests

93 %
HTTPS

28 %
IPv6

73
Domains

125
Subdomains

95
IPs

12
Countries

5119 kB
Transfer

17520 kB
Size

121
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 84

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.4 HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Request Chain 87

https://cm.everesttech.net/cm/dd?d_uuid=14695474953253224114300255948331748002 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh_v9gAAAIY5vwP7

Request Chain 110

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1646243830789&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1646243830789&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=

Request Chain 192

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 224

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 279

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

Request Chain 305

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1646243833656&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1646243833656%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1646243833656&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1646243833656&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKGOSgtuwPEugAAAX9Lx2hzVTneQ3Yji0fKSF2dXXVTphfQISn_N6skC6T4DnuclghUxcrBKzQ0P7coL_TrsAesN9Ieww

Request Chain 307

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=3576F6DED0864F8C9CDA295594C05C1D&RedC=c.clarity.ms&MXFR=067CD8803DDD69200FE1C9DB39DD6781 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=3576F6DED0864F8C9CDA295594C05C1D&MUID=14D31B0080076E2A3DE10A5B81D56F96

Request Chain 315

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_privacy}} HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_privacy}} HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=e7577567-1981-4868-b28f-34b781800e3b

Request Chain 317

https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=1ae7decc-46f8-4697-99f2-3750ee691109

Request Chain 318

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=1f9c659e-a453-456d-9825-5e09d04cf824

Request Chain 320

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=8ad955c2-f6ea-4018-be41-656b3e6bd764

Request Chain 322

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=5614830155309880594

Request Chain 324

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=479715198273558496077

Request Chain 332

https://c1.adform.net/serving/cookie/match?party=14&cid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B

Request Chain 333

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e802621f-affc-4400-9a35-45ec7271ff69&gdpr=0&gdpr_consent=

Request Chain 334

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3789303753791213705

Request Chain 336

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070563436872726668

Request Chain 338

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rZodeaM3TxiuFJ7wnKk5ew%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 339

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b23621f-affc-4100-80c0-59add9ec2d57

Request Chain 340

https://pixel.onaudience.com/?partner=214&mapped=AD9A1D79-A337-4F18-AE14-9EF09CA9397B HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=14792d4192aab29e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d76f876b-d542-4edd-4e5f-fcdaa49dc56c&reqId=b117732c-40db-4734-6345-5e78ef5de1e6&zcluid=14792d4192aab29e&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHN5BY21_lJKUkMh9en1Wz4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d76f876b-d542-4edd-4e5f-fcdaa49dc56c&reqId=b117732c-40db-4734-6345-5e78ef5de1e6&zcluid=14792d4192aab29e&zdid=1332

Request Chain 341

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUQ5QTFENzktQTMzNy00RjE4LUFFMTQtOUVGMDlDQTkzOTdC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 342

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJBVB18irgiVeEJso2d129Y&google_cver=1

Request Chain 344

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7528565762967953554

Request Chain 345

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ae7decc-46f8-4697-99f2-3750ee691109

Request Chain 346

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1863203928492679470&gdpr=0&gdpr_consent=

Request Chain 348

https://ssum.casalemedia.com/usermatchredir?s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=189937&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Yh.v-IDEAAcjiAXo4VVBsAAA%261204

Request Chain 350

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=269b2464-51c6-487e-ac8d-adf966357209

Request Chain 351

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAG_6U7EP2AAAAsg4jRTxw

Request Chain 352

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=1863203928492679470

360 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

405 KB
77 KB

23ms
23ms

Document
text/html

143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

85dc5933773fe809c2f8b8ddf4ba9ebfd7e46135d0c9a53c9998918284378c1b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Mar 2022 17:56:04 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://amp.thestar.com
x-powered-by: Express
etag: W/"6538d-A6BCNxaCkQW1wc5X1M2k0YJTr7k"
cache-control: max-age=180
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: K80tIyVj6mT8Gfn2DYOd-9nYlpf8mlGGMjDjiP3mQefPBq5Bf-fRRw==
age: 65

Redirect headers

content-length: 0
location: https://www.thestar.com/?redirect=true
server: CloudFront
date: Wed, 02 Mar 2022 17:57:09 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qyJ4vAAbxzqDCbMEO-F8GMFfu2LvvLdU7ZpddfZHg3Jip5NlFMqbew==

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 33ms
31ms Font
font/ttf 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:32:40 GMT
content-encoding: gzip
age: 8669
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"6028-17f2c9a67d8"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UXB4pyjB2eWlc_DpD2hFqcc79pJ6-eiNM9Fl7F4ARmsUdckcxr8EUQ==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 37ms
34ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:07:34 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 13775
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"478c-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: DzEb0w1IHNgZCtVXoyBxjv-zF_63fNnCwRYgRbaMjse3dwUrgeMcRw==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 44ms
41ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 702
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4764-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7HQJPcHY7anX843KoPbPhQvuLD6vCMWTWA29Rnpw9V5Ifz1lTS-rEQ==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 36ms
33ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:26:04 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 12665
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4a6c-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: yzyczAjXvrBH8snKSbheNnOE5kP4P4mabnyLSDGDrx_o1ur6tUnN3g==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 40ms
37ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:45:46 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 4283
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4930-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: wOxNih0wPLLdC6R5QKbcjlfVdPIRZYDgk8QS6lHW95DbfemD9pEvoQ==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 33ms
30ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:28:15 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 6272
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d6f8-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: cz5oEB7kyWhY4v_Iw4-LpOgd9O3EfFJNr3mAfoq-gw77x8F1vZUXOg==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 45ms
42ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:26:04 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 12665
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d1a0-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: tj1J1V3DF6aNX8s65d1jvuw69Xj0lNZzDe3u2HyjqYrjpGtyR0M_2Q==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 37ms
34ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:52:25 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 7484
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"dc3c-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: qO3FDA6clEp6eiNoyE3nJAjM6xMLRNUtiC-AIlQZoDK_--dSPxvnYg==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 41ms
39ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:49:34 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 11255
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d610-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Y3OypIrC9VnN1JfBRRlUJmuWVu3DTcO6fl1NMslAGoXeVKboUWuphQ==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 43ms
41ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:49:38 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 7651
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d420-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Mf0JeYdmVlxWxSJ_xYr0U8f71paK7TVRo60iAFN7MJxhFYd185XQeg==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
1 KB 47ms
7ms Script
application/javascript 143.204.98.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-19.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 04:26:48 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 02:13:55 GMT
server: AmazonS3
age: 54467
etag: W/"47ec15276ab051ddd124dd65b61efb8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QPi28QmxoaT3VgtwFXXKwk4Od-hi7B1lxF_ePDZSk1WUQQGYpAxTIQ==

GET
H2 200 script.js Show response
e377.thestar.com/ 139 KB
41 KB 82ms
22ms Script
text/javascript 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

4d96588a3687a67b35d69ca24bab05433cebd514f1d5b9c901d4ea7577fce5b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 80
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41462
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 07:02:17 GMT
server: -
etag: e72389723f6935f5f5e22c0bf16fa2ed
content-type: text/javascript; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: TXL50-P2
x-robots-tag: noindex, nofollow
x-amz-cf-id: W-3rOl3D81t98GFmTGMovWVuLdHabB7ht3yzaAXuAt49z-Ln7-2QKA==
expires: Wed, 02 Mar 2022 18:05:49 GMT

GET
H2 200 71.css
www.thestar.com/static/ 8 KB
3 KB 17ms
16ms Stylesheet
text/css 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/71.css?v=74364c882dc7d0ac22e2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

e48c7778a0a8dae4dddef0b1cd2b30ac62f2704bcd5b9b2a919496fefdfe1449

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 07:39:20 GMT
content-encoding: gzip
age: 37069
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:44:58 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"205b-17f2c9f1710"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 71LQ7QuClcaN834l4NP3QmiuDrm5A11ngg0TtbIKtqdoGRwR9h19Zg==

GET
H2 200 bundle.css
www.thestar.com/static/ 434 KB
56 KB 17ms
16ms Stylesheet
text/css 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=386f0a0429843c0ea64e

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

5ab4aef68986f860852f64d71bad5506b519177d2e66a88b615e4edb9cc4720c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 09:17:10 GMT
content-encoding: gzip
age: 31199
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:44:58 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"6c991-17f2c9f1710"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oJV6Fbg1UwxvDMXoWhqGaWOqgnABUZic5qia-X8cNaxcI3Akuppkvg==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 479 KB
139 KB 127ms
68ms Script
application/javascript 2606:4700::6812:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64bdafcc03962457a8abc24b3855724a936c31bcbf6931c08cf0ed16bedb4b62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 586
x-guploader-uploadid: ADPycdtgfQmONoZ6FnM6k-RcA-FYmjSUzR02_4Rc3zC_Xj7w5fcDYEwJestuuAJ2irRnZlBafSWDq1LOo6P3qkcOqMg3e4jzKQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Wed, 02 Mar 2022 14:42:38 GMT
server: cloudflare
etag: W/"c78efb3b52a7fb13458dc5b8cea70319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=diNWBA==, md5=x477O1Kn+xNFjcW4zqcDGQ==
x-goog-generation: 1646232158241911
cache-control: public, max-age=900
x-goog-stored-content-length: 146705
cf-ray: 6e5c035efbd53750-MXP
expires: Wed, 02 Mar 2022 18:12:09 GMT

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/torontoprebidheader623296055317/ 247 KB
86 KB 88ms
51ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 668e63028ea3fcd991fdc6ba68efe5684dcd3762cdcf355ee8f502ee75f8318a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:09 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: 4KAWYNA2D3116FFJ
ETag: "521bfcbd7c2e1d437f33711131ef9759"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=55105
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: AqHOUOFV+0TwqjDK8zhYyVDwWlbroxLB8FsODEDzBglybm1z7yzjtzqdSX3Ha7uwI+PxsWVU9e4=

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
467 B 17ms
16ms Script
application/javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:15:54 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 9675
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"16-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: CEbiTeF0Cn8wzJTrSSfPja9pLINPAX5J5ihTaCMOxkI4JPaoPg5U_A==

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 20ms
20ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:08:32 GMT
content-encoding: gzip
age: 6517
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:39:52 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"1df3-17f2c9a6bc0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: C-HEflVhJPfj9XJ_CKUGcHE0pXZfTDgsrkwKsrf9YWZjwCgDNNQdQA==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 37ms
36ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:09:23 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 10066
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Thu, 24 Feb 2022 16:39:52 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"24d-17f2c9a6bc0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 0-uuwes0ZPB-vX-uMWSjKH90H9YunmipUFB4n_ieyhR3SoBCsofVBg==

GET
H2 200 logo-thestar.svg
www.thestar.com/assets/svg/ 2 KB
1 KB 37ms
35ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:49:14 GMT
content-encoding: gzip
age: 7675
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:39:52 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"73e-17f2c9a6bc0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hTPXQn1xPsUr5xFrS7vVc-_tSVbCyO9EXzzCqLW9cI6nClY3LsQvAA==

GET
H2 200 DiManno_Rosie_logo2015.JPG
images.thestar.com/x2cEM_MObMppPWahZfcIF-jFgOU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 78ms
18ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/x2cEM_MObMppPWahZfcIF-jFgOU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/DiManno_Rosie_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 182fb2b790fe5834246d223be4978a2e56d480b6d2226cb1df834519086205d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 20:14:13 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 20209376
etag: "4e821b61fc91fae540b114d909a38e3e1f364024"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 2989
x-amz-cf-id: kChQLTHyDM7xj1xvOyUw9cCZW8E7Lnjmj0SdJ1Yc_cJIiGrVY8N5Tg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Raj_Althia_logonew_2021.jpg
images.thestar.com/kiUHEfYp4-S1mUZ1ZPAOutsFCog=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 79ms
19ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/kiUHEfYp4-S1mUZ1ZPAOutsFCog=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Raj_Althia_logonew_2021.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dfa59124f99a0503ec4d75f66a682c6f863b7e6c8c8c1b3de1edc6bea476d79d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 20:23:08 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 12951241
etag: "f772ce210bc5ec40fe378efa8f444bde86825f8a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 3018
x-amz-cf-id: eXU-KktRKuRnmG0SqGxz7NVbRSwQnheY4DEyErAy9uUOgCtu2Y2lRg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Menon_Vinay_logo2012.jpg
images.thestar.com/NVuhcem0RaWarNiU-40M5t_ntb4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 79ms
19ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/NVuhcem0RaWarNiU-40M5t_ntb4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Menon_Vinay_logo2012.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a6d28cc2f21d315f8a31925d7d7c23a9e501bd449968121eea996068fa116e64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 22:24:41 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 11907148
etag: "8c20090e280f13a83eb2de37dfcc91c86297b542"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 2997
x-amz-cf-id: E1vcPNrQuLip_f4jUIy45kqzyLzOqD17Roc3pRTmZafdnM8DhnKYfw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 brandmark-thestar.svg
www.thestar.com/assets/svg/ 263 B
704 B 37ms
34ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/brandmark-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:29:40 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 8849
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 263
last-modified: Thu, 24 Feb 2022 16:39:52 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"107-17f2c9a6bc0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7KERT91gn-zLim8SOERIYWsI2SGb6RAs5B0rzrcRjYYJOyQCXHOmng==

GET
H2 200 app-store.svg
www.thestar.com/assets/svg/ 8 KB
4 KB 36ms
33ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/app-store.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:36:24 GMT
content-encoding: gzip
age: 12045
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:39:52 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"1e63-17f2c9a6bc0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BWQUe-dL9LJBbS55u2omvDAC_VajghcsSvBtLEW3k3r4_KCUrpAmoA==

GET
H2 200 google-play.svg
www.thestar.com/assets/svg/ 10 KB
5 KB 36ms
33ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/google-play.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:48:57 GMT
content-encoding: gzip
age: 11292
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:39:52 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"2859-17f2c9a6bc0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lfdCSZjUCbCiSL-gzg1bXUNGPgeZOAbzFgKRBwltYIREt6IHvpL-RA==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
6 KB

90ms
7ms

Script
application/javascript

199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100134-IAD, cache-hhn11563-HHN

Redirect headers

date: Wed, 02 Mar 2022 17:57:09 GMT
vary
x-cache: HIT
location: https://static.ads-twitter.com/oct.js
retry-after: 0
accept-ranges: bytes
content-length: 0
tw-cdn: FT
x-served-by: cache-hhn11539-HHN

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
567 KB 12ms
9ms Script
application/javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4d5e9c4a826a6ad8864c2dfb2a8be7fe1783ff4f96d815cd6a54d944828e14a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:54:59 GMT
content-encoding: gzip
age: 130
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:44:58 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"2032ad-17f2c9f1710"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: r7pW97eGBvQeOguVqd6y02k4kG5fsyV5ELFsW12ZS0UWYJMAzn_SoA==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
236 KB 32ms
29ms Script
application/javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=16d0e423

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

72567baead75b7593c93944704258e62ff7dc603137a401a9a1768244015e8d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:54:59 GMT
content-encoding: gzip
age: 130
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:44:58 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"1339b4-17f2c9f1710"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3ntuarVgffnoLIqZYHwIzo_Lg5E02MjLYqOUUXSdnPerO_9T4EqvMA==

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 216 KB
66 KB 10ms
7ms Script
application/javascript 143.204.98.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-19.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c13ea2a6f811eb634d2df42d51571f58e22bcab88fac072423da56b7ac8c8fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 02:04:19 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 01:02:04 GMT
server: AmazonS3
age: 57171
etag: W/"be9ec03b3097edd0c9b71461bc69a397"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: K6bTdvCrQot5__8GJCQzDjg1faUW1mZOXqm-7zluIACqai12T6ejfg==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 5 KB
2 KB 9ms
7ms Script
application/javascript 143.204.98.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-19.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1793fbb2d9f477dfa738dbf9637bb175b41f2396b4b517758b48d4459bd2771c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 02:47:10 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 02:13:56 GMT
server: AmazonS3
age: 58212
etag: W/"a22c224b4238bbd241c45fa9bc62a258"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YdCKeHI3igMCFFKunr-d9tEijsbK8L-4EWZvbRFc7_KfiweYrUDNEQ==

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
699 B 331ms
110ms Script
text/javascript 50.16.19.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json426

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.19.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-19-147.compute-1.amazonaws.com

Software

- /

Resource Hash

c05389790ddead1de4778aaeacbae24fe6c43f9734d3b5b7eebea922056adda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 350 B
428 B 139ms
14ms Script
application/javascript 158.101.193.158
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.101.193.158 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 64f4a24edeb6cb233fca0c37d397bf1354bcfa87068c52460300964719694268

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 350
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 317 KB
69 KB 72ms
8ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f6988ad6bc455fd5f1bb30136babdca221ca4fbd74d709bfc58b5b2d71e54d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:32:10 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 17:32:06 GMT
server: AmazonS3
age: 1500
etag: W/"973cf9c886bed5c0d36d2c0ad3371443"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yQWwtSN7MfkYfsSm3GFIQdW_NF.2F4DQ
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: text/javascript
x-amz-cf-id: ll29TC8JodlTWGAgGEORyiGyLErERWlerWp2Xllm_0gM7nI2pwS4fw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
77 KB 45ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

428aaa2eacaf2f231b2ec36e7f771d7df7253cfdd405ab2e9571fdbe47346766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77896
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 44ms
19ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.19803206941974394
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: de58c69041bf75e35d8a15240cda0f5ab8a65ed9c8da8a977e9157d415d6edab

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 14ms
14ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.19803206941974394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 0f3cedb78854a6470a014f9de97fbe9efebd43b98a621fb9c0a4bc35181f8ea5

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 11:28:36 GMT
server: gfra1
etag: "621e0364-e85"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3717
via: 1.1 google

GET
H2 200 opa-3d1a80cbbc4fdc4472eae80c14d918ad.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 104 KB
27 KB 10ms
10ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.19803206941974394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 8bae5fafc8928ed931abdb779e429b10201b37ce44793ad1a7afcaae33d174a9

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 11:28:32 GMT
server: gfra1
etag: "621e0360-6b52"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27474
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 94ms
92ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=D4B6DEBD9A5B16FDC1DEC92BBEE782C54&h=5ef5e730d794c112602590b8dbb638b4&r=0.03930667041954572

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 34ms
8ms Script
text/javascript 143.204.101.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-28.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 02 Mar 2022 17:15:38 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
Age: 2540
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: b0oTCZYziHmnNATyc7umAwDjIgmE-dXxQLPXkeiHccFmV92uLjKn8A==

GET
H3 200 vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 219 KB
62 KB 10ms
10ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ca5bb78c8ce1697079eb187106c54e3deb6a3da3754546764aef9da6b3058227

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 11:28:36 GMT
server: gfra1
etag: "621e0364-f9aa"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63914
via: 1.1 google

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
487 B 45ms
15ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 43489af29315e182856bd685824accdcbe1585df683d98f7eb6021e874959bf1

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
687 B 80ms
48ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:09 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f01a89db-c02c-47fc-a578-8d109e6a93e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 187 B
425 B 78ms
15ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: d5bcde338aeba0acd272564af6d9a209e8728793e81841a879f762c8a0d3ddb7

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
via: 1.1 google

GET
BLOB 200
OK 15437eb4-ddad-4132-87d9-793ead8a9ddf
https://www.thestar.com/ 271 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/15437eb4-ddad-4132-87d9-793ead8a9ddf
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dca1bc36a8a32a678c9f4581ab791c3aef4067c69aad64f1076addcc3d9a93d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 276992

GET
BLOB 200
OK 9812cff2-dbc5-4bf3-b47b-67e01a0b0e95
https://www.thestar.com/ 19 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/9812cff2-dbc5-4bf3-b47b-67e01a0b0e95
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fff9c7b02c83d7dd42423a7c4c9df87bb97fb7c1511ce239d3e12963ecf2db3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 19525

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 348ms
22ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:09 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK 181778-254412191205210.js Show response
js-sec.indexww.com/ht/p/ 139 KB
39 KB 71ms
18ms Script
text/javascript 2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: acf47ed08e03deb30050e6cc80f2972698f083352e87deda1ef3f3b1bef79e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 17:35:49 GMT
Server: Apache
ETag: "7630ae-22b48-5d93fb6631435"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2342
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39661
Expires: Wed, 02 Mar 2022 18:36:11 GMT

GET
H2 204 ron.torstar.js Show response
hb.districtm.io/prod/101918/ 0
268 B 57ms
18ms Script
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.districtm.io/prod/101918/ron.torstar.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6e5c03604c5c5b2c-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 58ms
20ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 31EA48740775C598
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48122
accept-ranges: bytes
content-length: 54912
x-amz-id-2: 8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=

GET
H2 200 material-icons-base-400-normal.woff2
www.thestar.com/static/assets/ 101 KB
102 KB 25ms
25ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/71.css?v=74364c882dc7d0ac22e2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/71.css?v=74364c882dc7d0ac22e2
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:54:53 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 136
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 103852
last-modified: Thu, 24 Feb 2022 16:44:58 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"195ac-17f2c9f1710"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ur93A_alMeSfL5sQ9erHVD1UCgojASw86KQ2cz8ROmuPGZBTSfr6Ug==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 2 KB
3 KB 180ms
61ms Script
text/html 52.48.241.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-hyAW7OXurwpsfw%3D%3D&sc=1&os=1-0A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&rx=866830701108&callback=MoatNadoAllJsonpRequest_16168453
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.241.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 67ccae70e1297c73eb31fd496d63cee380287cfbbec49b3fa7fcfe03b0a1a0e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "ad61237fad0a4f75a6226a796747fd787d88d9e3"
content-length: 2543
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 3582 1 KB
2 KB 25ms
25ms Document
text/html 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

x-amz-id-2: cMTMm/T5i/x+FajcHkVdFOSmWAZag3PGFBeFtprKDfuotZYacHPbNTZ9It13lKcp9wxjAAroOng=
x-amz-request-id: 3AF06B645285EDE5
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=1516
date: Wed, 02 Mar 2022 17:57:09 GMT

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 26ms
26ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=386f0a0429843c0ea64e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=386f0a0429843c0ea64e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:30:19 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 1610
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Thu, 24 Feb 2022 16:39:51 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"2bf-17f2c9a67d8"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ddaScejvifUIIHRgWgYpkqcTU83c7ciyvdDiCYiVquTHjunWRcNmyg==

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
91 B 28ms
19ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 749e63827d1bd3174c55371ebbd238efbfefeb200ebc54cb970721f363e1a8c6

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 16ms
8ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:09 GMT
content-encoding: br
last-modified: Tue, 01 Mar 2022 11:28:32 GMT
server: gfra1
etag: "621e0360-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 hp-widget.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 239C 23 KB
6 KB 544ms
492ms Document
text/html 143.204.98.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 542371cadac2900fe706a2cb72ef579531e1fd5c4035dce4da345ddaadcbe05f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

content-type: text/html
last-modified: Fri, 31 Dec 2021 18:56:00 GMT
x-amz-meta-version-id: Yu_xc7TW93J_peac1Z2v4Y.D22xnV9CW
x-amz-version-id: FXr.crfz3DTu50xCded7GEEku5dpffZ8
server: AmazonS3
content-encoding: gzip
date: Wed, 02 Mar 2022 17:57:11 GMT
etag: W/"085e4d6b945679e45e8c1b6008c083e1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hnG4OqRhJeNR4Udd4X31Jnid5ap0xxfOzUvDqYpq4f--5uqgsE2bMg==

GET
H2 200 adsct
t.co/i/ 43 B
337 B 162ms
141ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4b1d429f-ab86-48d4-b587-310ac4b61a0d&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 125
date: Wed, 02 Mar 2022 17:57:09 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 46e976a9609eba197786e9e462df555ad85ad0969071fe661c8324860ba5fa23
content-length: 43

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 38ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: EN1tL74hiMo7vC8+XBQEFFZT8K7pTLTTWNJwG3f6NicX48A02CQoVZ+dyBs946r0IxXcSDEa0yzpGaJbIMLC1w==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 02 Mar 2022 17:57:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 42ms
9ms Script
application/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 07:22:38 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 38074
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cGLyjbFZygG0ZwByjmj7gJObjipBwInfcDibDElcHt-7CgmS5VO0Og==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
523 B 2303ms
557ms Image
image/gif 65.9.84.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-84-101.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:13 GMT
Via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: vqHMKTC31W0pamnEzWzxet5fXE-azOkoUkzOkFUsG0J5RglyRmv3GA==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 54ms
7ms Script
application/javascript 143.204.101.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-224.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 08:25:09 GMT
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Age: 34321
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: SX6LTjqyJraRv4vLd-wrXdIf0DmfPgDAZm-fj-pNOgCTgbxivHfoTQ==
Expires: Thu, 03 Mar 2022 08:25:09 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 157 KB
46 KB 60ms
20ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=457289
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02dd647cf98e249d624ffd3db638c04b1e0381bc3d34bedbbffa4a440eb3c4a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 20:20:09 GMT
server: AmazonS3
x-amz-request-id: HQZ4WMYWYTXJT00D
etag: "9a641477338b3d37265acf599cd17fde"
x-hw: 1646243830.cds236.fr8.hn,1646243830.cds144.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 46600
accept-ranges: bytes
x-amz-version-id: Kt7yVs60jDHQzVMEmqSmzZUltniCZ.1l
x-amz-id-2: g4kcNVw53GvtJOK2uX0vk5BViJRRZM06ssmF+WioW/aZBy+OROtMw1mWBoEcAIpuVIyXt9qxgks=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 92ms
37ms Script
application/javascript 18.64.79.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-176.txl50.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:48:06 GMT
content-encoding: gzip
age: 543
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 0867XCVDAJKSAK458V1T
etag: c1da564f59b83b9805e8df92eca012f5
vary: Accept-Encoding
x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
via: 1.1 89cfaf7130b791496ae5b9cd16f7eb0a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 2FP7QiE5Fmb5UL9RQ8hCdbTx1sKWd9WxrfmbsR1mFJVJ0PwIcqZn_g==

GET
H2 200 star-icons.ttf
www.thestar.com/static/ 21 KB
11 KB 35ms
32ms Font
font/ttf 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/star-icons.ttf?203c50bac89a39e0ae4f2cca3d0d56d4

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/71.css?v=74364c882dc7d0ac22e2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

cfe210b9b960e92d867cb501ba3cb9b03c4c66b816dd2427566bed986fb1c00f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/71.css?v=74364c882dc7d0ac22e2
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:56:32 GMT
content-encoding: gzip
age: 38
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Thu, 24 Feb 2022 16:44:58 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"5254-17f2c9f1710"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -OGmeXIhvu-e-vbFkG2WU1uEAXUG8j3Yi7U4-IyXxfkcIgsp5ulbrQ==

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 138ms
115ms Script
text/plain 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4b1d429f-ab86-48d4-b587-310ac4b61a0d&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 02 Mar 2022 17:57:10 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: d1036e69db73720d4624dc991470038666ac860bbd6fdfa789360982f35de6d6
content-length: 0
strict-transport-security: max-age=631138519

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 127ms
36ms XHR
application/json 54.194.228.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1646243830134

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.228.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-228-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

399b384fb6898e59e43879a84599f32789d6ad791a7bfebab2bc8f77a21a90be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v028-020c7aa3d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: zRDpU2f9RRA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 325
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/ 33 KB
12 KB 28ms
28ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:32:10 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 17:31:50 GMT
server: AmazonS3
age: 1501
etag: W/"820eb42f3120ddf65e303b24a8285815"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: sSnSt8F.oW3GlM9AhFEmSCjPZ3vI7c_.
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: text/javascript
x-amz-cf-id: 0FYBk6nC9lF_tBJMBn7LJOmJBHfcdtm3IQX-YbXEJNPlrlOjWGXAFw==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/ 3 KB
2 KB 10ms
9ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:32:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 17:31:50 GMT
server: AmazonS3
age: 1500
etag: W/"abbe69e5c8f385f00652c3d0c2bba347"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: AiW.fL1kgp_nT2wn44rcwoDwjeFdMgC.
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: text/javascript
x-amz-cf-id: rwQr7ZFp50dCfsIVQpqW0Zs6OeJr9SO-dhfl9xvQ43IF1WOxIBMfSg==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 105ms
31ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=181778
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 35bfca9cb17fabaedc97a387d7ed8206148706c35d1f3b2cf4d9df557eba90f0

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 01 Apr 2022 17:57:10 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
328 B 38ms
15ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=16d0e423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4286da091b204ca52bb76d97556d3cd69edb29f6c507e4b094708fd35e65f628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27893
x-xss-protection: 0
server: sffe
etag: "1147 / 632 of 1000 / last-modified: 1646243394"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 02 Mar 2022 17:57:10 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
423 B 197ms
197ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 19
x-amz-cf-id: eve6e2cfdWOmVZh_d1zaFp33eJl2SB_dP78Dg-6JMJJDF6H08AncpA==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
424 B 200ms
199ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 19
x-amz-cf-id: _cpAzzscvB40si8KH65bc9sUk4kBwwLS3CVOZzmyRmwma8QH8K0EGA==

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 22 KB
22 KB 406ms
406ms XHR
application/octet-stream 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2d152da0653972f7bd485903e05b40c0663ce2f550b7b01f7985a6d52497910

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SgZK8JYuq66SoP2pZAZXP9r0o968rplN
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Wed, 02 Mar 2022 17:42:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "f7acf6b43cae5000871cdf4449e7a51d"
x-cache: RefreshHit from cloudfront
content-type: application/octet-stream
date: Wed, 02 Mar 2022 17:57:11 GMT
accept-ranges: bytes
content-length: 22515
x-amz-cf-id: dp2azygUg8gIc-4EtlbAmpc2z_ebqkhZblEy8XsmV-RUC5hSIN-KSg==

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 22 KB
22 KB 405ms
405ms XHR
application/octet-stream 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2d152da0653972f7bd485903e05b40c0663ce2f550b7b01f7985a6d52497910

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SgZK8JYuq66SoP2pZAZXP9r0o968rplN
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Wed, 02 Mar 2022 17:42:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "f7acf6b43cae5000871cdf4449e7a51d"
x-cache: Hit from cloudfront
content-type: application/octet-stream
date: Wed, 02 Mar 2022 17:57:11 GMT
accept-ranges: bytes
content-length: 22515
x-amz-cf-id: iT8smwcu2DUmxCfHCLigfmzpIYOfk_ZgvSaRhT_24sfLcHtny6JYGA==

GET
H/1.1 200
OK widgetloader Show response
widgets.media.sportradar.com/torontostar/ 159 KB
39 KB 762ms
562ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=16d0e423

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

8c599331598210e5f6d017ba1316dc0f40ad4e6bbeb93428662f61ce270bbe2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "e7a2e9d7be9a45819513b8d283e2cd06-33990120691b9d1f883bf6178bdef37e"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120, stale-while-revalidate=60, immutable
Date: Wed, 02 Mar 2022 17:57:11 GMT
Connection: keep-alive
Content-Length: 39496

GET
H2 200 ukraine_refugees.jpg
images.thestar.com/X8cJvKjaWbUbvp_Lw9qlB9-IXZg=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/2022/03/02/russia-ukraine-updates-canada-world-march-2/ 90 KB
90 KB 24ms
23ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/X8cJvKjaWbUbvp_Lw9qlB9-IXZg=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/2022/03/02/russia-ukraine-updates-canada-world-march-2/ukraine_refugees.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 65a920c6d9fd91d001f8e031df67a2013e897cdb7a5241bfd8f32b669c0d3063

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 16:22:58 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 5652
etag: "346f486734f96250617ba0a295c871aad3058c30"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 92152
x-amz-cf-id: 9iUlcEldSH-OfkFgc76lpFHrnPeiZ7b4ihcsVWNpraLOi1D3AB0rXA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 forbiz.jpg
images.thestar.com/0-vwZcApz9fBblDAkdDKoe2V1fk=/0x0:1199x799/690x460/smart/https://www.thestar.com/content/dam/thestar/business/2022/03/02/canadian-business-leaders-pull-money-out-of-russia/ 88 KB
88 KB 24ms
23ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/0-vwZcApz9fBblDAkdDKoe2V1fk=/0x0:1199x799/690x460/smart/https://www.thestar.com/content/dam/thestar/business/2022/03/02/canadian-business-leaders-pull-money-out-of-russia/forbiz.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8a06b10450bc4cdfda049f485cd107555aa55099901503350e0d389d9d747e14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:08:26 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 20924
etag: "ed4a22cc35a1e174b2ee9cada561fc80c453518b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 89732
x-amz-cf-id: fd2SzRHnO0tXpSUYePF4B0oPoY_sBApWaXJLNAOl0CpVCVCGTjdoug==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sylvester_main.jpg
images.thestar.com/W1MosgNw5DIzWT3YNrhG-t1ka5E=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/03/02/its-not-a-good-industry-to-have-ontarios-lax-rules-leave-l... 42 KB
42 KB 73ms
72ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/W1MosgNw5DIzWT3YNrhG-t1ka5E=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/03/02/its-not-a-good-industry-to-have-ontarios-lax-rules-leave-local-taxpayers-on-the-hook-for-cleanup-of-aggregate-mines/sylvester_main.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a6528cea35676a1347adacf576193c7b9e569eed3bb1a45592aa275080a32568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:50:31 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 18399
etag: "7ed60e2254b22dd26f436b0b27d67c04cf8a828b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 42953
x-amz-cf-id: FUJrHLhh_buBoj58HFPcb5c_zrwyvKfi7roBJBz0OdWH2d5Ouja-vQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raptors_fans.jpg
images.thestar.com/F7pvaX3x82goEY7zQ5B9NiBa3p4=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/raptors/2022/03/01/raptors-fans-and-staff-finally-return-in-one-big-fam... 65 KB
66 KB 95ms
94ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/F7pvaX3x82goEY7zQ5B9NiBa3p4=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/raptors/2022/03/01/raptors-fans-and-staff-finally-return-in-one-big-family-reunion-at-scotiabank-arena/raptors_fans.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a826dd0efdf2b192fdbd52732aefc638787451b4a8dd068cf4920038d24cfeb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:25:46 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1884
etag: "e5c996f15a3677c33f9aaae2e88e284728237de9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 66675
x-amz-cf-id: 7ie0PKdq24_AyuXIk9Th0yiZvbRAoVchqvIemnexDkZMo8Qjw0J8tg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 joe_biden.jpg
images.thestar.com/YT6DslMT2L0PIWY4LxxskXAcdWQ=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/2022/03/01/bidens-state-of-the-union-address-denounces-putin-tackles-inflation/ 42 KB
42 KB 73ms
72ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/YT6DslMT2L0PIWY4LxxskXAcdWQ=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/2022/03/01/bidens-state-of-the-union-address-denounces-putin-tackles-inflation/joe_biden.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 11234691fc0450764e544602024abafd61a6cb132c10b40cbd4a891966b95e82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 04:47:05 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 47405
etag: "a2c3b97631d175a1fb547fea90f0d56a29052971"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 43005
x-amz-cf-id: CDb32HrpHe0b_x3kuS9nKE6GoJxag3GQ9RuzLQG4SGXSzSUldytHcA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 barnes.jpg
images.thestar.com/SjkkwytF1ml0BmrAoLDvdei3Ql4=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/raptors/2022/03/01/raptors-use-home-court-advantage-to-seal-cathartic-w... 46 KB
46 KB 73ms
73ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/SjkkwytF1ml0BmrAoLDvdei3Ql4=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/raptors/2022/03/01/raptors-use-home-court-advantage-to-seal-cathartic-win-against-nets/barnes.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef961ce80d0ba120ad7a16c2822212d6e9c05335cedf13beea518c33dee64e7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 03:42:39 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 51271
etag: "e65764f62de8f251a72911282781b025711f722a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 46694
x-amz-cf-id: ZB-POxXgC-Uucv8HHSATIhFCrjfMAnLrbi1UeMRbaRN0ck5SCf8uxw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1337
date: Wed, 02 Mar 2022 17:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 02 Mar 2022 19:34:53 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.4
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

5 KB
2 KB

34ms
34ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3512290
fly-request-id: 01FSX6W4F0HDC3WZ2B0RE4K2JD
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e5c036708700f52-MXP

Redirect headers

date: Wed, 02 Mar 2022 17:57:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSX6W46Z5C5ZFHB8FKF4AMJN
server: cloudflare
age: 3512290
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e5c03669f9b0f52-MXP
access-control-allow-origin: *

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame FE23 7 KB
3 KB 165ms
32ms Document
text/html 52.212.211.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.211.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-211-89.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 2 Mar 2022 17:57:10 GMT
DCS: dcs-prod-irl1-2-v028-0d3310425.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 14 Feb 2022 16:08:42 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: BMAZic0BQm4=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
s.thestar.com/ 48 B
506 B 63ms
16ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=14709582713658466894296593922401128616&ts=1646243830691

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a7ddca6621cb1e23f76063db28963bb4f5b536799594ab7882b1e87d179673ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-tr22l
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yh_v9gAAAIY5vwP7
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=14695474953253224114300255948331748002
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh_v9gAAAIY5vwP7

42 B
945 B

34ms
34ms

Image
image/gif

54.194.228.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh_v9gAAAIY5vwP7

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

54.194.228.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-228-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-0e2d27d1e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8+vjBgwkRJM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh_v9gAAAIY5vwP7
Date: Wed, 02 Mar 2022 17:57:10 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 jays.jpg
images.thestar.com/zlO9PNYkDqpkZ0sDLU-AXF0FYRE=/114x76/smart/https://www.thestar.com/content/dam/thestar/news/canada/2022/03/02/coronavirus-covid-19-updates-toronto-canada-march-2/ 6 KB
6 KB 19ms
18ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/zlO9PNYkDqpkZ0sDLU-AXF0FYRE=/114x76/smart/https://www.thestar.com/content/dam/thestar/news/canada/2022/03/02/coronavirus-covid-19-updates-toronto-canada-march-2/jays.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 64973f8143c26a348e89437e49465683d92ce75f451d08f9eaafd9c1bf0531b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 13:45:51 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 15079
etag: "1ae634a195ecbe461629303edd407bb70b50ec9b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 6293
x-amz-cf-id: vPu8EWrl3XQ_y5KXmgTMSYN3doIbVRt6WsOKe1WJZ3AlAPIW2LalKQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _1trying_to_stay_warm.jpg
images.thestar.com/lkgNCvJ1cO9tZXat-FkPebDn-Vc=/330x220/smart/https://www.thestar.com/content/dam/thestar/news/world/2022/03/01/they-treat-us-not-like-humans-refugees-accuse-ukrainian-officials-of-... 20 KB
21 KB 20ms
20ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/lkgNCvJ1cO9tZXat-FkPebDn-Vc=/330x220/smart/https://www.thestar.com/content/dam/thestar/news/world/2022/03/01/they-treat-us-not-like-humans-refugees-accuse-ukrainian-officials-of-racism/_1trying_to_stay_warm.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a4e573a0c780cefc9cb73c58ffecfed899d61cb7ad8b58a4271a5712e5f03d9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 01:12:46 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 60264
etag: "8ed88b529c4cd69bdb078cb98030f170a05f3ab0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 20745
x-amz-cf-id: G85HBJcb7KmIKEA8khP0rDGmCUMQuv2taaZZgvaI6kUHb1eIqVZPPA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 westjet.jpg
images.thestar.com/XQGHwJ62Y2hhZSgvxbgvaoW7C1o=/114x76/smart/https://www.thestar.com/content/dam/thestar/business/2022/03/02/westjet-to-buy-low-cost-rival-sunwing-in-foray-into-vacation-travel/ 4 KB
4 KB 20ms
20ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/XQGHwJ62Y2hhZSgvxbgvaoW7C1o=/114x76/smart/https://www.thestar.com/content/dam/thestar/business/2022/03/02/westjet-to-buy-low-cost-rival-sunwing-in-foray-into-vacation-travel/westjet.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d2e51e8c3b0430a1d867b268d4758a67d54fd5f7a292e888177bf55310f3c715

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:12:04 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 2706
etag: "39f6ec292133dac5b62bf41bbc71fb28193a4c86"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 3774
x-amz-cf-id: j8tCoVqt3gyGw7ygWhhfTdi9rGHAERWOIn99iBKGjhkYNO6XF4deAQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 53ms
16ms Script
application/javascript 143.204.103.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-127.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Mar 2022 05:26:02 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 15:53:19 GMT
server: nginx
age: 45068
etag: W/"61f805ef-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: akw_Edj9uOFTqWimhs5bvOLaCWOJZkyhffF31HMYtDwVzAVKsbUYKg==
expires: Thu, 03 Mar 2022 05:26:02 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 10 KB
3 KB 251ms
208ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 26f928acdc0833bb3f2b2ee800faf18a22b26f2fd5b2185a44a7e1253853552e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 5 KB
2 KB 221ms
182ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 4dbad609fb1a658b9f27db7365cc402d07471d9d6c4b0b92963c1163197f1633

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 11 KB
3 KB 213ms
179ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 116a9cea25d350fb25d20a2f63faf169205e6459a640da0a723185c6739ba8dc

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 5 KB
2 KB 213ms
183ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: cf4deedbf83f4df152489ca7381d0f65ea773db35797db9acf290cb65f1f97eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 2 KB
939 B 355ms
330ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: b15bfcb7eef810d120f48e515fdfe034658979bec7510858e9243afa20b7ba12

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 5 KB
2 KB 265ms
244ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: e4cfbbe3f66b492889fac1a5d73d4cbbacf99b03474a230647f32fb3233c00c0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 13 KB
4 KB 179ms
166ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: d731ce0b39bed4db001d2e913540143fa96dd0d8dc9bc958e61e84182a6765de

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
175 B 118ms
104ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=pageview&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=1637&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=4&jsfv=nbc&ts=1646243830738&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ Frame 239C 4 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

febce070f70d4d8216c9a0da08d3938ded160cfb3eea58b7ba57340cad506d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 16:34:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 17:57:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 17:57:10 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame 239C 207 KB
69 KB 25ms
23ms Script
application/javascript 143.204.98.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
age: 130
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
date: Wed, 02 Mar 2022 17:55:01 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Eu7tO3ghXJmICYOfV9gf8SFMTdVsgRcsMMaczyiJ4S9bsHWjJGB6vQ==

GET
H2 200 needle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 239C 470 B
880 B 14ms
13ms Image
image/svg+xml 143.204.98.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/needle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: PHp84jahms4CJNjldWqFykMudiRkBAyd
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:00 GMT
server: AmazonS3
age: 130
etag: "7b192d8826a89c17b265266118be34e4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Wed, 02 Mar 2022 17:57:10 GMT
x-amz-meta-version-id: MV9uaQT60tDgvyFTmtizWztglNGxBqZN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 470
x-amz-cf-id: OFudb_y6J0aruJCs7xafACufS0lxZnq-hxiZ5FlvzFxMiQd7fiE5-g==

GET
H2 200 greyneedle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 239C 465 B
835 B 24ms
23ms Image
image/svg+xml 143.204.98.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/greyneedle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: jfLD05iZMIZ7gkaEXfKmtY6Chs0LH8kp
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 15:34:40 GMT
server: AmazonS3
age: 153
etag: "7a9e2f9f869c3b5f5c1b0bc84c743854"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Wed, 02 Mar 2022 17:57:10 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 465
x-amz-cf-id: T70sW0JrYDCAjSHLvwzIK7vUy1S2UkpzbKBNMm_afySJLMsXXlms9Q==

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 239C 849 KB
58 KB 584ms
226ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=ed270bb8-340b-41f9-a7c6-e8ef587e6d11&offset=17&limit=1000&callback=getCaseData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1c450cef5d4daacc7643313f919fddbf4c2c1c2bbf8b975e1f5d1501c665599e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:11 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Wed, 02 Mar 2022 18:07:11 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 239C 192 KB
14 KB 564ms
207ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=0f8b343e-fc28-4ca5-9aab-c3a1d2c919f1&limit=2000&callback=getLTCData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b9c0d88cfeb8ebddd5a9fa0e9fd03aac5972057ef6a5f0cbfaa376035ded7089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:11 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Wed, 02 Mar 2022 18:07:11 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 239C 191 KB
20 KB 566ms
248ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=8a89caa9-511c-4568-af89-7f2174b4378c&limit=1000&callback=getVaccineData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b4494150f2ec9151db29f73739163f283ef929c2d19efd5cf60591606fccff5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:11 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Wed, 02 Mar 2022 18:07:11 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 5 KB
2 KB 253ms
253ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: f1569ca221d3f5b8a4ddd6cd837e28a46d26d943e2f2498de31cb68c4a41b723

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 425 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 59 KB
11 KB 449ms
448ms XHR
application/json 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/425?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2022-03-02T17%3A57%3A10%2B00%3A00&ts=1646243830786

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

706d49f7a3a3c42b99cd147bd7e965badbf05c4a1239e9925617c8c8124fc25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 10114
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: I8PpGTkE7ugZDw9o5Boq-XdkFad8IE3ve5cNMzErh3ruC66aw-Cpug==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 24 KB
24 KB 177ms
28ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d0f23a331506a03dcb1b8b6b4c6e30bacb8fcc76edc434345d95d85e2ae30d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:10 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 24454
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1646243830789&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1646243830789&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%...

0
225 B

23ms
23ms

Image
text/plain

143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1646243830789&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:10 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: fFUVV3mtr8XFGnt5da_oXW4THZRghKxyY0Nlaz_P_4VRHKPD-7vrFg==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 02 Mar 2022 17:57:10 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1646243830789&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada's%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
content-length: 238
x-amz-cf-id: RAjsqHxyCMS5pJ8MChVqM9b1Yifo5IGs1lJhSZHW5lxMiBJtydMDfw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 32ms
32ms XHR
text/plain 18.64.79.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-176.txl50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 13:28:11 GMT
via: 1.1 89cfaf7130b791496ae5b9cd16f7eb0a.cloudfront.net (CloudFront)
server: Server
age: 16138
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: qtJNI1dQXhTxX14YFtg_QrxDDJL1Mqj2pJedOZE1GYeKGQAXkTPfAQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 62ms
19ms XHR
application/javascript 18.64.79.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-176.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 02:10:05 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 56826
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
via: 1.1 21b1cb66a6f688e3b4ce88f7c515f844.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: TXL50-P2
content-type: application/javascript
x-amz-cf-id: Ay7d5Gb2KKcN_0iwBwvTZf4tNzCDf1be4wvsPF3h-jr6oioBvh9Wnw==

GET
H2 200 pubads_impl_2022022401.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
122 KB 43ms
6ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124299
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 09:41:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 17:54:01 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 206 B
770 B 49ms
15ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fe44aee88b4b9b6240dbe438478db44b06b6362800895eadb75b91e754dca33e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 17:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Wed, 02 Mar 2022 17:57:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=759426299&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=928305339&gjid=1318590889&cid=429284219.1646243831&tid=UA-70431129-1&_gid=1228874061.1646243831&_r=1&gtm=2wg2s0P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&z=137553313

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 23ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=759426299&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1159738296&gjid=1499269346&cid=429284219.1646243831&tid=UA-73335503-3&_gid=1228874061.1646243831&_r=1&gtm=2wg2s0P86MZHL&z=562071773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ Frame 239C 37 KB
37 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 18:02:08 GMT
x-content-type-options: nosniff
age: 604502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 18:02:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 74ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70431129-1&cid=429284219.1646243831&jid=928305339&gjid=1318590889&_gid=1228874061.1646243831&_u=YEBAAAAAAAAAAC~&z=1953487386

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 02 Mar 2022 17:57:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 10 KB
2 KB 204ms
204ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

6b6de040a118c57cf5ecbe6eac67f1a83f0951a91d868e758c83d8505a21791c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
etag: W/"276f-hRXKkiOUKkjudMUnFeQee5Xzbz8"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: yu_CzMEtFSIxUvmQ4g0NIWE3aArhdodo3Fd9vSYQsdJQfVy7zNTEFg==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 113 B
323 B 475ms
263ms XHR
application/json 34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 06e01d2af841c8ba00def5ead6b3623eb3adada77612fddd47f3275b87b4c6c6

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:11 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 113
expires: 0

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 100ms
100ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

9d768f155ac9452db2a2b5a092375c4702ca8ddc063e4ab1b8133a4bc5fa330d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
etag: W/"2052-KPC+7Y8BTOcny1hBm+xNeH0zSd0"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: LXoODKELQMvBcS3g5W7DOAV8G3zxHP6fM8GtFpBspJ1bdDTQIBxN9A==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 189ms
188ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

8d4de5d3fbe4bdf3eb5ed09e4cb9d937a8fdaa89f4015a5b417104413eebc219

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
etag: W/"eab-2975XyxaV2P5dYmxhALptTDCkSU"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: mtEHsfbWRyYlMCbaTOaO62SDSjBH7c6YLipFP4Q93AVYpsbFpioN-A==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 188ms
188ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b7137c9dd3ed5bb412e0eab7346f3a06e95fb088a05cc07e5024c7c6c16b90c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
etag: W/"fa5-HYpXEWTYpvINEpLfFoBiwXx/JPU"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: bBLyT8ueT3TdJulqPAftpVC75RYma8rw32vfxvZ1puG6f_fSiy1K9A==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 319ms
319ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

0aade1454de72aaab14b0ce231e3be92dffd5fe6ff7c1d97498612a0c377edd8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"2c83-jMZzegW8UD3v7UAs7NiD0ygTxNQ"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: Dj_83ui1YUn7KdLK3HpJY4J2BrzlrNgUCK52PRSQfVwE549CzkYabw==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 422ms
104ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1646243831000&plid=87132380&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10964%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1646243830869&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Wed+Mar+02+2022+17%3A57%3A10+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=69893895&u=pid%3D47b08662c56060417f96bc446ff4cce6
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:11 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 02-Mar-2022 17:57:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 192ms
191ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

f5982677de1f40a49f1034f8445c6ff1105609272e710b12e2f8e807e3866cd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
etag: W/"1fa3-eZKfIYL9c+oDmA3KCALj/WabbuQ"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: XryNXafwswbEyPxp2WLSq03OHnG2JiBz5Psoey0iiCpfybn4IYerxw==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 79ms
21ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Allow: POST
Content-Length: 4
Content-Type: text/html; charset=utf-8
Expires: 0
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Date: Wed, 02 Mar 2022 17:57:10 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 34ms
31ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:10 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 60 B
546 B 438ms
359ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e46b9e4d144efee02d2f026f52eb9f68cf716da6f200bdc5b363f414778ed07c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:10 GMT
ETag: W/"3c-Pmv0gmr3LEGUsN5MBDfgWDGE7LE"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 60
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 190ms
189ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

d8ce4c8e8dcb92ce4c911e4cf3bc7c0e43e4d8dedd2131283b680776f53a7b83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
etag: W/"1095-1QBb5ekh/oOhiuwton0gTFJMoGg"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 3gAQCHCg5WFRL3-3hlj7YbxZbImYtf7E5xeeujwDzsscR4RON8myQw==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 188ms
188ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

36e075c51ae181c6e0b0b9a2c5c1ed9ac43a85e2603a0549d5673a54c5e536a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
etag: W/"100e-y+OAyr54hAWkei4zpxnuhaH8HIo"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 7hjCxlhCluzZgipCqiq2fFka_SG9312QdmwVjcS0bqyd27Z6Zg0vTQ==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
493 B 58ms
58ms XHR
text/javascript 18.64.79.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=fL2fSU2QPPTp7&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.176 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-176.txl50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 89cfaf7130b791496ae5b9cd16f7eb0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: TXL50-P2
x-amz-rid: SHSS5F08EKNXPX6DZ7ZR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: NLHk6HAnUDLXememR6hDaOI49kDNHUGlaxtpAcwsVqAln9YLz5juwA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
1 KB 193ms
192ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b05a7a92796b7d629cd6a3c9838dff6c958fbe50af892f0aa18e7073a11fc984

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
etag: W/"a37-ExOrMJWMZe2DDsXSa13iMIltfa4"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 8rysUmcfHacLTkp4f9qhT2SRaXwHOSMfgM3tg-Ld60eUM64MQ7byuQ==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 1 KB
2 KB 193ms
193ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

260b38b3e10e609b51bb1b37f534086eead8de6a611c0a4b5d60fcd4f4b5ce99

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"527-yHtkue7Au/zR1+oigcj8oC3JeA8"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1319
x-amz-cf-id: QNkytN7bZ7wm86Ggxj31qAl-iNHOtmtCmkyHbcoX3bwqmwdPnh69dg==

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
133 B 24ms
15ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c4db364769a1dd877f0f81ba1b8c32de72c4412a9fad3ba3e399132f6f829922

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
via: 1.1 google

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
5 KB 192ms
192ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

1a58ee399ba697d721a323f0bc891e435a5290e26264d032c5f3948efc2dbd80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"10eb-m2DFuh1DPjEyGY7G+1rMhN9CFto"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 4331
x-amz-cf-id: jVqDGpvHnICH6f3iQ43BqMLwV5OEbyiIRpT7vx4zQey-JsEfXSOoew==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 854 B
1 KB 188ms
188ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

a368e10f98f84b85990d81f4ce950fdb97ff8c229b3370eeb8755b866dff0956

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"356-30SN/eC3vAr18OTD6KEwn+GZ918"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 854
x-amz-cf-id: krAYMvolYZrFc9QFmeSQAPL9J4ClHl1UZXSfrc8cGaiDfNQNhMQhsg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 188ms
188ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

5f1ed7b9a8695bfcc37c4d87a902dd64d555eec8a33c7110ad93d32fe5ebcaf7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"6ce-ON/7ZBE743pl0PU7o/wTnQz7mFM"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1742
x-amz-cf-id: YDdf3GP0wY2YavgGt0AjuDyLRYwoJPpbZ_Zh42vzos2zKSnMG0aeIA==

GET
H2 200 arj Show response
torontostar-d.openx.net/w/1.0/ 131 B
438 B 52ms
22ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://torontostar-d.openx.net/w/1.0/arj?auid=540273838%2C540273844%2C540273840&aus=300x250%2C300x600%7C728x90%2C970x250%7C728x90&ju=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._eNnoKxyE&cache=1646243831196&ttduuid=1ae7decc-46f8-4697-99f2-3750ee691109
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: df1f0d441735711ba9b957f1cb92c15ed6041a121d0e9b26ea0048947feabebc

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.thestar.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 138ms
68ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.6486898476728922&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ef97bea950115c40a0ee7b72fd9bd0956571f53293a50e200d340a3b9104259a

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:11 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 148ms
82ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.47074475464454246&alt_size_ids=57
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4123ba54d1312843c17edec42aeba136c7286dc63d58c3405130c62fd703c8d1

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:11 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 120ms
53ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.5483487130443052
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6d1ee8dd949061f0b206870ecbd879de6422ac646160caf3e4a60ee7e8d363d9

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:11 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 62ms
21ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_3_btf_300x250_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 67cca4b071753dd0cf9080fffb6cb95f42c033a3c03aa439335f93fab9b26b06

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 60ms
20ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_3_btf_300x600_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 3a987e583eef56a40342ea5b1575420720c28eae3f5299fc9cd4ff02204a45cf

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 64ms
23ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_8_btf_728x90_post2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2a5f10be4a30f300af1e28b2c396e62fad9b8299dbb3aec0b7d245fca3f8d478

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 61ms
20ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_9_btf_970x250_pos2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: fa7f4ef68cd9151b94b838bcfdd962da1dac35c9f8885e14b5c9379a562aadb3

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 59ms
19ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_5_atf_728x90_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 86d3e8d17d8229a49b74037fbcf3768145e11b9dee7fce43a73ae4e24c43b654

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
371 B 165ms
116ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=157269&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2273810020%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22268332%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22268333%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22268340%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22268341%22%7D%7D%5D%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22268335%22%7D%7D%5D%7D%2C%22id%22%3A%226%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221ae7decc-46f8-4697-99f2-3750ee691109%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-03-02T17%3A57%3A10%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 220e832c17c636425f1236af784d80f255053c80708b504c61b88184e01fe7e9

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:11 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.5], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.thestar.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Wed, 02 Mar 2022 17:57:11 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
729 B 57ms
56ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:11 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1a17447f-8600-4934-897b-82ea205f0f90
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
668 B 56ms
23ms XHR
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439248&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=HtdReNeL&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:11 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 860eb58b-7cfa-4f98-ad4a-72f8fbb1f79d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 251ms
217ms XHR
application/javascript 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439268&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=3Cud2lrx&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

39f1f182906b66e1b6e4123a91342b4ef4739d462effffb3b0d103eec0960f0d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:11 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e7c91f71-b8f4-4fe8-bd8b-121c80fca8ec
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
668 B 84ms
51ms XHR
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439253&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=9aiA3ewt&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:11 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1b92aad4-5a61-4c2a-8ded-0858bcf7c0bb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
77 B 31ms
21ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
cf-ray: 6e5c03691a545b2c-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
3 KB 189ms
189ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

0ae0201e08be8b8552d7ac08ba3e249e90ed80a391af2702b9a9b5356cb8cae8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"a0a-5FfUYGpWNW7FgGCaRTI+bbH0YQ8"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2570
x-amz-cf-id: L94weGGCTRhWgZNnu5jn3Y4_4cv3IYKSV0t0egjzbCewszRh-qpQpA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
404 B 193ms
192ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: ptR553aN-mftxWdcWVqd9KEuoGG_TUEaf7GbCae0zF-ZR6A826CZzg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 187ms
186ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

c413b818072b4ccdefbf377c65697fe637fa45fac40474f98102473e2c03eb11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"6a6-+7fXXZAVf4Q3U7FK9DI+ijQnsTs"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1702
x-amz-cf-id: WuARoN3vJXI5lExepFna9YCaXNm7XBNNwxw1H7BNgtuSH0ft5i3IYQ==

GET
H2 200 5d9075caf919643d05c019d8c2a06e3e Show response
e377.thestar.com/plugin/plugin/ 197 KB
43 KB 20ms
20ms Script
text/javascript 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/plugin/5d9075caf919643d05c019d8c2a06e3e

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

7f39c4f76ed7711e97b4e383512d4a5644174e8e7913e3d245c737ea642658c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 638828
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 43355
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Feb 2022 08:30:03 GMT
server: -
etag: 5d9075caf919643d05c019d8c2a06e3e
content-type: text/javascript; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: TXL50-P2
x-robots-tag: noindex, nofollow
x-amz-cf-id: M7WGp6zwhtDEwdXAxCl7Z09TECMIXlMnl1acsF58b7aVwOxgjDzpig==
expires: Thu, 23 Feb 2023 08:30:03 GMT

GET
H/1.1 200
OK common_widgets.e93d9b4fd933bb35a2d7.js Show response
widgets.media.sportradar.com/assets/ 453 KB
136 KB 24ms
23ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/common_widgets.e93d9b4fd933bb35a2d7.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

0ded1c99bde69115ece4def9e4baa32681ee9835e042f9ecfd17eaa6e812b58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "f5bfed27f47f81f946d34659414853a4"
Last-Modified: Wed, 02 Mar 2022 12:52:38 GMT
X-Served-At: Wed, 02 Mar 2022 13:28:32 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Wed, 02 Mar 2022 17:57:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138660
Expires: Sat, 02 Apr 2022 13:28:32 GMT

GET
H/1.1 200
OK us.common.scoreTicker.557657d9fbc2f2b87a13.js Show response
widgets.media.sportradar.com/assets/ 502 KB
135 KB 56ms
20ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/us.common.scoreTicker.557657d9fbc2f2b87a13.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

b2d56ae19a0864a4af697ce4763059d264a86f829065b108cf06a3ff07befd49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "f4e16d6e402cbfa6a21f28fa3ad9e7b1"
Last-Modified: Wed, 02 Mar 2022 12:52:38 GMT
X-Served-At: Wed, 02 Mar 2022 13:28:32 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Wed, 02 Mar 2022 17:57:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137709
Expires: Sat, 02 Apr 2022 13:28:32 GMT

GET
H/1.1 200
OK react.522173fc8f3b90c4a86d.js Show response
widgets.media.sportradar.com/assets/ 117 KB
38 KB 56ms
21ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/react.522173fc8f3b90c4a86d.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

624046a7e355e4f996c400a55684f0135e0ee18c2b095b13c99cbdeb614157e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "8ede8c9adcc855614ef086b63d5bf48c"
X-Served-At: Wed, 02 Mar 2022 13:28:33 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Wed, 02 Mar 2022 17:57:11 GMT
Connection: keep-alive
Content-Length: 37929
Expires: Sat, 02 Apr 2022 13:28:33 GMT

GET
H/1.1 200
OK en_us.json Show response
widgets.media.sportradar.com/translations/ 107 KB
26 KB 83ms
25ms XHR
application/json 2a02:26f0:1700:5::5f65:1b5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1646224753737&h=2fbd2c63b27532ede68734281f9e2953

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

6c0d014befca5d4f2e102e2b9c7cf4c4b80e3aec23c26dfe2c231370b38351e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 12:39:13 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=5270400, stale-while-revalidate=604800, immutable
Date: Wed, 02 Mar 2022 17:57:11 GMT
Connection: keep-alive
Content-Length: 26675

GET
H/1.1 200
OK css Show response
widgets.media.sportradar.com/torontostar/ 28 KB
4 KB 519ms
461ms XHR
text/css 2a02:26f0:1700:5::5f65:1b5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

794f815439957a99ba5c28299d021fcc1b062b687ab8306ece58727baa2f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 12:39:32 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30, stale-while-revalidate=60, immutable
Date: Wed, 02 Mar 2022 17:57:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3730

GET
H/1.1 200
OK licensing Show response
widgets.media.sportradar.com/torontostar/ 12 KB
9 KB 513ms
456ms XHR
text/plain 2a02:26f0:1700:5::5f65:1b5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

978c53a19c758acc7d32908249db983eba9c0614182106093ef72fc97630fc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "137b954aa2c70eb0c40a6319e2544f24"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=200, stale-while-revalidate=60, immutable
Date: Wed, 02 Mar 2022 17:57:11 GMT
Connection: keep-alive
Content-Length: 9111

GET
H2 200 mdc.textfield.min.js Show response
e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 19ms
19ms Script
text/javascript 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 2212692
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Feb 2022 03:18:59 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: TXL50-P2
x-robots-tag: noindex, nofollow
x-amz-cf-id: AaUhE5TkJAz52zASNCMywZNeGVoKtRvxUP8EMkVCZHvF3iL5hc5mkg==
expires: Sun, 05 Feb 2023 03:18:59 GMT

GET
H2 200 6666f343d19afa6e14d2061c890dddd9 Show response
e377.thestar.com/plugin/library/ 470 KB
149 KB 22ms
21ms Script
text/javascript 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/library/6666f343d19afa6e14d2061c890dddd9

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

d217301d1beca280818807958c12328fb84bdbb1bc7c23702276124c00a4bd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 1646126
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 152264
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 16:41:45 GMT
server: -
etag: 6666f343d19afa6e14d2061c890dddd9
content-type: text/javascript; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: TXL50-P2
x-robots-tag: noindex, nofollow
x-amz-cf-id: unBx7jc4WfhXw1L4indh3RN8qGow_rujRO_E9cAYAJdkbRy3iOzhlg==
expires: Sat, 11 Feb 2023 16:41:45 GMT

POST
H2 200 LB-Zone-2 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/425/ 2 KB
2 KB 473ms
473ms XHR
application/json 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/425/LB-Zone-2?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=e57d3b9e-5919-4b0b-9c3a-a4f33e18eb38&overruleReferrer=&time=2022-03-02T17%3A57%3A11%2B00%3A00&ts=1646243831292

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

53aab754cc86f439fc2e1afd76a6add9a96ea925cb67e8e3a8f702234b83a452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 879
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: sHOmZDE5trikpANScvbUZKBBlbaRoMA9IYrNb9I5ZHKdFw5TN1OxXw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 115ms
105ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2211&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=42&jsfv=nbc&ts=1646243831312&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=2206&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F03%2F01%2Fwe-may-have-the-suspect-portapique-inquiry-reveals-how-police-responded-as-gunman-slipped-away.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F03%2F01%2Fnew-report-details-how-autocrats-use-the-internet-to-harass-and-suppress-activists-in-canada.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F03%2F01%2Falberta-lifts-most-remaining-restrictions-and-moves-to-stop-cities-from-imposing-their-own.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F28%2Fits-not-a-police-officer-portapique-inquirys-timeline-shows-how-bloody-night-unfolded.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F03%2F01%2Falberta-first-nation-identifies-169-potential-graves-at-former-residential-school.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F03%2F6-years-after-trc-report-canada-is-failing-to-rectify-ongoing-harms-against-indigenous-communities-new-report-charges.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
405 B 189ms
185ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: 6bJ4VHOkoVQOdrRZaW-9ZAiH9YJWNVwc3QA9eU8xWpAZlpu117WFgg==

OPTIONS
H2 200 14709582713658466894296593922401128616
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 159ms
99ms Preflight
application/json 143.204.98.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/14709582713658466894296593922401128616
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-61.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 02 Mar 2022 17:57:11 GMT
x-amzn-requestid: 4c5bbcc9-e18b-44fb-b1b9-c3f057588b49
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: OXhusHpZoAMFpQQ=
access-control-allow-methods: GET,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bjhwz_EFWhc4dt0EK8WRX4qseoOjuQJhX41w22QZm24_WkGjxySRdA==

GET
H2 200 14709582713658466894296593922401128616 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
418 B 136ms
136ms XHR
application/json 143.204.98.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/14709582713658466894296593922401128616
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-61.fra50.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 4f0a63de-de5f-4e96-9250-c64be84d115a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-621faff7-0b5347c66847040d7f4e47ff;Sampled=0
x-amz-apigw-id: OXhutHqkIAMFjAw=
content-length: 51
x-amz-cf-id: dYFfGs7MPAzVr90GXyQXplFU8Vy9pccrokoSibQLO0J5LlvIYjrqcw==

GET
H2 200 manfred.jpg
images.thestar.com/8mvlZ_E0FEnJCQCdYMc-JRxhLl0=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/baseball/opinion/2022/03/01/rob-manfred-swings-and-misses-in-defending-the-mlb-locko... 31 KB
31 KB 51ms
49ms Image
image/jpeg 18.64.115.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/8mvlZ_E0FEnJCQCdYMc-JRxhLl0=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/baseball/opinion/2022/03/01/rob-manfred-swings-and-misses-in-defending-the-mlb-lockout-that-never-had-to-happen/manfred.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-128.txl50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b6f14efdfab101c289263c3ac0fe66db4626cd40980defd239a481c42a172ebd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 03:14:55 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 52936
etag: "174066bd349fb1200d664875b845b15f5a2a2acf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: TXL50-P4
content-length: 31377
x-amz-cf-id: 6bC1RIJJkwV4no9TI1wB7WlylpF98Wd1a6yf8CF7LRPsNjlX2Ls4ow==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 105ms
104ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2281&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=50&jsfv=nbc&ts=1646243831382&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=2280&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbaseball%2Fopinion%2F2022%2F03%2F01%2Frob-manfred-swings-and-misses-in-defending-the-mlb-lockout-that-never-had-to-happen.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2F2022%2F03%2F01%2Fraptors-use-home-court-advantage-to-seal-cathartic-win-against-nets.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2F2022%2F03%2F01%2Frasmus-sandin-joins-morgan-rielly-on-the-leafs-top-defensive-pairing.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2F2022%2F03%2F01%2Fhave-your-say-which-goalie-do-you-trust-most-in-the-leafs-net-right-now.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbaseball%2Fopinion%2F2022%2F03%2F01%2Fbaseballs-commissioner-fails-as-its-caretaker-mlb-lockout-will-carry-into-2022-season.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2F2022%2F03%2F01%2Fpetr-mrzek-to-make-back-to-back-starts-for-the-leafs-for-the-first-time.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbaseball%2F2022%2F03%2F01%2Funion-rejects-mlbs-last-offer-at-deadline-to-cancel-games.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnd%2Fsports%2Fniagara-region%2F2022%2F03%2F01%2Fmyer-grads-earn-brock-university-athlete-of-the-week-honours.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 104ms
104ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2289&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=53&jsfv=nbc&ts=1646243831390&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=2288&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F03%2F01%2Fpwc-canada-hit-with-1-million-in-fines-after-1200-employees-caught-cheating-on-training-tests.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F03%2F01%2Ftorontos-steam-whistle-to-buy-beaus-brewing-co.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fths%2Fbusiness%2Fpersonal-finance%2Fadvice%2F2022%2F03%2F02%2Fpreparing-a-will-executor-trustee-beneficiary-guardian.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 106ms
106ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2300&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=55&jsfv=nbc&ts=1646243831401&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=2298&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F03%2F01%2Fpierre-poilievre-offers-right-wing-populism-to-the-conservatives-will-they-take-him-up-on-it.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F02%2F28%2Fvladimir-putin-is-learning-who-the-actual-strongman-of-europe-is.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2022%2F02%2F28%2Fmeet-the-russians-who-canada-has-sanctioned-since-the-invasion-of-ukraine.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 106ms
105ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2322&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=58&jsfv=nbc&ts=1646243831423&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=2321&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F03%2F01%2Fpwc-canada-hit-with-1-million-in-fines-after-1200-employees-caught-cheating-on-training-tests.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Feditorial_cartoon%2F2022%2F03%2F02%2Ftheo-moudakis-freedom.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F02%2F24%2Ffood-fight-why-your-favourite-foods-might-be-harder-to-find-at-the-grocery-store.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F03%2F01%2Fi-was-there-when-the-soviets-invaded-prague-what-vladimir-putin-is-doing-is-different.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fstar-columnists%2F2022%2F03%2F01%2Fwhen-will-the-ottawa-honkers-go-to-fight-and-honk-for-ukraine.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffood_wine%2F2022%2F02%2F24%2Fdishes-that-kids-will-ask-for-again-and-again-two-recipe-developers-share-their-favourites-for-the-whole-family.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 107ms
107ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2341&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=61&jsfv=nbc&ts=1646243831442&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=2339&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhomes%2F2022%2F03%2F01%2Fdream-home-15-million-caledon-cabin-pushes-the-envelope.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffood_wine%2F2022%2F02%2F24%2Fdishes-that-kids-will-ask-for-again-and-again-two-recipe-developers-share-their-favourites-for-the-whole-family.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffood_wine%2F2022%2F02%2F24%2Fone-of-torontos-best-food-courts-is-in-the-back-of-a-giant-flea-market.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 105ms
105ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2362&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=66&jsfv=nbc&ts=1646243831463&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=2360&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F03%2F01%2Fwhatever-happens-volodymyr-zelenskyy-has-already-dropped-a-nuclear-bomb-on-vladimir-putins-propaganda-machine.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2F2022%2F02%2F28%2Fsarah-polley-explains-why-shes-ready-to-talk-about-jian-ghomeshi.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2F2022%2F02%2F23%2Fdriver-weinstein-was-at-hotel-where-actor-says-he-raped-her.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 36ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 50ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
428 B 76ms
30ms XHR
text/plain 2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=157269&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:11 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.5], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.thestar.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Wed, 02 Mar 2022 17:57:11 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 204 KB
27 KB 469ms
455ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2118326946463654&correlator=1722069368279826&eid=31064958%2C31064976%2C31065400&output=ldjh&gdfp_req=1&vrg=2022022401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220302&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=1x1%2C728x90%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C300x250%7C300x600&ppid=14709582713658466894296593922401128616&prev_scp=pos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_politics%252Cgt_negative%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_home%252Cgs_politics_misc%252Cgs_entertain%252Cgs_covid19%252Cgs_home_property%252Cts_pl_nws_lctns_cnd_prvncl%252Cts_ent_evnt_attr_gnrl%252Cgs_news_and_weather%252Cts_hlth_general%252Cpr_test%252Cts_fmly_prntng_gnrl%252Cgv_crime%252Cts_bz_ndstry_gnrl%252Cgs_society_misc%26tkspo%3D13%26env%3Dbeta%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub&cookie_enabled=1&abxe=1&dt=1646243831494&lmt=1646243831&dlt=1646243829407&idt=1541&biw=1600&bih=1200&oid=2&adxs=0%2C436%2C436%2C436%2C436%2C436%2C253&adys=0%2C0%2C4701%2C5963%2C7182%2C8561%2C2388&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&adks=2173569469%2C1887631228%2C3893840795%2C3893840796%2C3893840797%2C3893840798%2C1330620279&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1600x90%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250&msz=1x-1%7C1600x90%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250&ga_vid=429284219.1646243831&ga_sid=1646243832&ga_hid=759426299&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b43ea262a6cdebd2400b4fb4cd103dbe409e096a26e0b2645331427561d02bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D520 6 KB
4 KB 55ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 02 Mar 2022 17:57:11 GMT
expires: Thu, 02 Mar 2023 17:57:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 105ms
104ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2414&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=68&jsfv=nbc&ts=1646243831515&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=2413&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F03%2F01%2Fbidens-state-of-the-union-address-denounces-putin-tackles-inflation.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F02%2F28%2Fwhy-russia-seems-to-be-pivoting-its-ukraine-strategy-toward-killing-more-civilians.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F03%2F01%2Fthe-american-right-sees-canada-as-an-enemy-should-we-be-worried.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F03%2F01%2Fi-was-there-when-the-soviets-invaded-prague-what-vladimir-putin-is-doing-is-different.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F02%2F28%2Fat-a-border-town-ukrainians-arrive-by-train-and-poles-rush-to-give-them-shelter-and-clothes.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F02%2F28%2Feconomic-penalties-imposed-on-russia-are-beginning-to-show.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 404 2021-q1-shop-low Show response
www.thestar.com/api/overlaydatarule/ 178 B
586 B 112ms
112ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/2021-q1-shop-low

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b8e8734d09cbff47f0afe26e91200cd19071e79647f718cd7b5c2ba16a13ebf7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: W/"b2-DayMIL+sW45ETiP4eQTH7WZtEKg"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Error from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 178
x-amz-cf-id: Dhwt_ny6TVzIA2N5oOpRVLDHTuEulBZeYd_KCihcrrRFriwhBzXXlw==

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 64 KB
12 KB 134ms
134ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=57ab560b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

fb2a8c61b4b24e06e7dbfb3408b059026e09747e07e7ab87c278961b7f10b67c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:11 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"10018-WSxqlbvweDfFBWFcBp0P43UaB/Y"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: qMpAse3Xmk3inEOu-zsO45u1eqGkA_OO2PV1qbMXlhfcHpmcpqX-6w==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

POST
H2 200 425 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 4 KB
3 KB 457ms
457ms XHR
application/json 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/425?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=e57d3b9e-5919-4b0b-9c3a-a4f33e18eb38&bctempid=&overruleReferrer=&time=2022-03-02T17%3A57%3A11%2B00%3A00&ts=1646243831825

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

1290a2fb659d16388f72789909d1adfff75db4fa5e2d746eea7d08aacb7ac23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1649
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: sdP4GYyYDlwq9-6ivGe_hQhZ16RF-gFuut-mMCfu9li7jEZ2ChqMNg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 425 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 454ms
453ms XHR
application/json 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

7c62fcad0441be78e9e3420ec5618f8251614ea689ef0a4caa4f5973e01d1b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 175
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: dLmi54S9GpoJlSVHSCREAuoNCZW0x1eIXMS9XDDNjTDCpuiIAsZSog==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 120ms
119ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2714&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=69&jsfv=nbc&ts=1646243831815&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q122_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 121ms
121ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2718&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=73&jsfv=nbc&ts=1646243831819&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q122_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 425 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 455ms
453ms XHR
application/json 18.64.79.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-97.txl50.r.cloudfront.net

Software

- /

Resource Hash

a09f38091d15ca9b049a00ccfba49c40c8cec227fbcdcb7942830d56e94660af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 165
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 3utWdClzgsMFkjD0p00HJcE7Zuh4US8t7JC3ueLggSL8BGdh74AESw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
604 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09462845220b3bb7780eee9a9e11a3b74563b18ab5c4760e279dfedb3f0e70b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 17:57:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 17:57:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 17:57:11 GMT

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

28ms
27ms

Font
text/html

143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:07 GMT
content-encoding: gzip
etag: W/"13b4b-5UkrWtJAVz60pVz2I+OggGNpFjo"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 5
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SpmBejHwP6MuaKwdMyjkDsJcmW4SP0Jzi5fIf7lUzz7fag4Y1QIDUw==
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)

Redirect headers

date: Wed, 02 Mar 2022 17:57:11 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: YaDzCg5-Uc5LfKW6AyQnesm-1YXMSyn3h9IF4VVe-8weN_cu81a8HA==

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
2 KB 702ms
65ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

f527a7f359e6e32d3d50f88b37a50d0bd595d6b1339e30b66eec8d2ae42410b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"594578747450f12ad1047b58d55a4b4f5c341363"
xip: 2001:ac8:20:3b00:1012:bbf5:1f37:f386
x-srv: fishnet-prod-feedsbackvar01
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-prod-zrh4-web1
grace: none
content-length: 927
x-feeds-fv: feeds-prod-vie1-var-qs
last-modified: Wed, 02 Mar 2022 17:53:38 GMT
server: nginx/1.10.3
date: Wed, 02 Mar 2022 17:57:12 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 19511638, 731559476 731068757
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh4_web1
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 17:58:38 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
860 B 112ms
112ms Script
text/javascript 50.16.19.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=e57d3b9e-5919-4b0b-9c3a-a4f33e18eb38&&callback=bc_json427

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.19.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-19-147.compute-1.amazonaws.com

Software

- /

Resource Hash

ab5ed08f4ac517fa3c6b8a41e91e16d448a67ff16bbf376944907ca191572de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v20/ 35 KB
35 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v20/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 12:01:23 GMT
x-content-type-options: nosniff
age: 107749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35436
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:24:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 12:01:23 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 24ms
24ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/ 12 KB
5 KB 48ms
48ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20c1bab68d479886e5c0adca071a6b5a45af440f8dc5942a200c2e4e14cae0a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:32:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 17:31:50 GMT
server: AmazonS3
age: 1502
etag: W/"2ea1856d44fb8138b973fd134e06f2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ftOX41cM8ltpyouHTfb6WUp0L83QNtbN
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: text/javascript
x-amz-cf-id: 2QRkPYmw37GQdMvXptePw3T62PT6mkpxGlKyANSvAl9njfx59RrLRQ==

GET
H3 200 container.html Show response
422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 50D2 6 KB
3 KB 24ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Mar 2022 17:57:11 GMT
expires: Thu, 02 Mar 2023 17:57:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/ 1 KB
1 KB 10ms
7ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b3f0b2631c4fa1470c4eb636fa850e0dcc46229ccd2105941e9010fe572f9b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:32:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 17:31:50 GMT
server: AmazonS3
age: 1502
etag: W/"e20c1b951012ce8b275f045c5dd34961"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: buuvVD4LzXOhcQ9w79cyD9fIgwxzxvzD
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: text/javascript
x-amz-cf-id: 7DUyghsM9cj3gTKhb3LdKtZsgbjE_MS1E4cabW3QXedD4z7Rc7LHng==

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 50D2 0
0 75ms
75ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CowjL968fYpLgI5KKjuwP5uOz8AHJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpAqx3H5YvpLI-4AIAqAMBqgSMAk_QB9GaLCDK5XO88afb4b5VD7Fq97B2-OZiUTjO2XLCdedogRFdBplss4gZ7sVGGoYkUIQCud9NNUnvRG1hrpnjTxGhiF2THWZmz37NxeiBBRof9SHN0NeP9zpF7SgfIUHYCHo8L59Uy2n1UDnadhTBruKswXlU8LJF4xyM3PRg2BvGYLlu1d7a1l7WkwarbiSSNOn5H0_9Zdh0PS4YrgRWesFhXsUW1TVXl9ugRDvVVuUtNpsywbS4ZJ5-MZudZpA98kAHtyyyy2MTYxMVjbdrmCh9Ujh--t1YnmyorsV56qk4ufDrsd-TwYoR7RTGdX4bFJWnOsPKh0AXDF-KY8gId2jc4dyCJoJ4pfbgBAGABqS7oZPvx-DqbqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=qBfYpYRfnxg&uach_m=[UACH]&cid=CAQSUQCNIrLM0nCcVDvyOrEv-6eULTpffLcfztxS7LrhzgVGGlYRq6nVMn5FKR7VLId0aQywhnhw6AZM5iRsWmwpn3HpvFb_EwDlMuvj0juQqwYl0RgB
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 50D2 0
0 109ms
34ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U43NEcg12AVanYNiAgIAAACNBP5zZFRhDM7_rIUgm2jlEPevH2KOoZCvpsvYbcpFkgAS&wp=Yh-v9wAI8BIHg4USAAzx5pHTdCJK3crm4HtHwg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 251540
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A7AD 181 KB
53 KB 235ms
204ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yh-v9wAI8BIHg4USAAzx5pHTdCJK3crm4HtHwg&u=%7CTosvDezxyhAdZKyZZoBL%2BKaZ1nQ%2FlzhJGAgGZno5GI8%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yL2KNorLLlVhXOr9r-YfMbqToIQMy6A2Hde-l7EDVHY6yVFJHE8vxrfjw0MQm327Jye6DKTMJc4kE_OZ7mTP86BeeR2rAp3T2q7cRbupxB2fRTLyNj6YguZbdvbvfBdQjG5crSBEvfavCwVq81-rq0kioImNp0Kv7lUDTFvKTDa-J2y2dQeEtG5XZA9igdp3w_6PmTA2FUqQgqNyh17NvtTZ5vWWvQShl9ojtj7-5_YQKV-l7aTIXCUJ44mhO5NoDhrWvv3H8WLyt5IO45k-x3jeUEk1kCfH1tZO0C55KsEsLd-ZEWf2jweLm9PsfXRPcVdALhjJLTZyej5CVY6GCEipY34sn8D75Tw6d29nr2VUR5SlOvIiHgT8seC0nmiWze4krtIo99T1w3w9tXH4FfDg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu0jb968fYpLgI5KKjuwP5uOz8AHJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpAqx3H5YvpLI-4AIAqAMBqgSPAk_QB9GaLCDK5XO88afb4b5VD7Fq97B2-OZiUTjO2XLCdedogRFdBplss4gZ7sVGGoYkUIQCud9NNUnvRG1hrpnjTxGhiF2THWZmz37NxeiBBRof9SHN0NeP9zpF7SgfIUHYCHo8L59Uy2n1UDnadhTBruKswXlU8LJF4xyM3PRg2BvGYLlu1d7a1l7WkwarbiSSNOn5H0_9Zdh0PS4YrgRWesFhXsUW1TVXl9ugRDvVVuUtNpsywbS4ZJ5-MZudZpA98kAHtyyyy2MTYxMVjbdrmCh9Ujh--t1YnmyorsV56qk4ufDr892yUw2ecQd56Wq4xKgBwsrejfYdIkcI1wA10Zpj__Caoyj8tkk_VIrgBAGABqS7oZPvx-DqbqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_07_2VTOVO63KUrPTMi90kU3haNVQ%26client%3Dca-pub-8188431425509997%26adurl%3D

Requested by

Host: 422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com
URL: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6d69fb5b892e212e10a2348655327a79e805eb0540f4ea65c41a6c552de88a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=iIzwOdw9QHrji4hEEGvnpJceSZLEWdQIny5GFJZD376rSxhpSJ3GumKv_hgu-ny9SFnh67u9vqNL3KAk8QN6jJm3p5QK_b0IvaQQrw2cocW8vWQi_LJ88PECZRXp8Oa_82DyvKSQKbkGe0YAW7a4bX_1AS-kV8v0kxhOFYxVUbWHw_Jw_NJ1NzfqEfGM-jD2_K7VuP7DzS3NyNxF3d4i3eZVpA2L6NyvcbMIoc99la_zg2ORHg45-AUFCMg15Ik1NtgMyQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 191441621
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 50D2 2 KB
1 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js

Requested by

Host: 422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com
URL: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:56:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 50D2 15 KB
7 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com
URL: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
server: cafe
etag: 3306657128042699500
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:55:33 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 50D2 22 KB
7 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com
URL: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 09:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Mar 2023 09:00:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50D2 124 KB
38 KB 113ms
98ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com
URL: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38862
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646052075697155"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Mar 2022 17:57:12 GMT

GET
H3 200 549886031832745 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2663514a298880242dd66949e5b2455c7e18636ed98bc8939850a8a9dded2c33

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89208
x-xss-protection: 0
pragma: public
x-fb-debug: d5o/dglA0u8v15Uf8dWmBIdruAgmdGeBUsRJa0M9BEpTnxX1+cNSP/fMx+mKZZg2Lv/Ppd/5Z6vwCB7lqBSXHg==
x-frame-options: DENY
date: Wed, 02 Mar 2022 17:57:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RC304342cd3a9f487980371091639a8dc3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/ 813 B
1 KB 8ms
8ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/RC304342cd3a9f487980371091639a8dc3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb41f9cc4a0181dce6bd0b641f979e408e26f661bb564c1ecdcc94918cc54439

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:32:12 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Mar 2022 17:31:50 GMT
server: AmazonS3
age: 1501
etag: "d23db93700090568bab88195d8a5be66"
x-cache: Hit from cloudfront
x-amz-version-id: J0PsRpDEAdtA6BoKebjmzC6T1eJxaMgD
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 813
x-amz-cf-id: 1bUOgC8Mys5sSp7ugkdZy1ovonJLUgbjjmv_oXaMYrCVJ_UTB7WTtg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
5 KB 7ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100033-IAD, cache-hhn11563-HHN

GET
H2 200 RC518669eb80134c629229b164ea843f63-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/ 2 KB
1 KB 8ms
8ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8c5f275c7bae3a0e164ac1c8fd7da541bd0d0865a835a82edf3bdf88f059112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:32:12 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 17:31:50 GMT
server: AmazonS3
age: 1500
etag: W/"de054423a8c8fa86e34fd09281e9f647"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: XWvMXeEZprSJPaJxhmmKvwX5VdW1kfut
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: text/javascript
x-amz-cf-id: 4T87CffekROevJJkO--naYMDnm-ExMi6BSeD0wr8Rtf13hz9oDdIjQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 102 KB
40 KB 31ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c831f7e42e384311b76d705810df55cee94394a65d9a96e8d496de85d5753bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40958
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Mar 2022 17:57:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 37ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb21781348e580936fad6fb142d4064754f387ca49ca3efc143e033e097e2c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37358
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Mar 2022 17:57:12 GMT

GET
H2 200 RC2f54281ab7324fd39f76106466b9b969-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/ 1 KB
1 KB 10ms
7ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/RC2f54281ab7324fd39f76106466b9b969-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c726b8850dc382c184006a679748698f6b83517e6d8e186f953c73d5c936e697

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:32:12 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 17:31:50 GMT
server: AmazonS3
age: 1501
etag: W/"26be529a49b7ad8d63c2e1a73e59e1e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: FSQiiflzAhPF5qhlX.FniVL9O0Qshq6u
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: text/javascript
x-amz-cf-id: g9MpyYhmJaG0RmlKZkSc_4WuiE9_k3ueahOfyej-M6fbSjoAa_4i_Q==

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 116ms
114ms Script
text/plain 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=13739257-f7db-4fc6-9018-e4e5a6965e49&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 02 Mar 2022 17:57:12 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: d1036e69db73720d4624dc991470038666ac860bbd6fdfa789360982f35de6d6
content-length: 0
strict-transport-security: max-age=631138519

GET
H2 200 adsct
t.co/i/ 43 B
101 B 148ms
147ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=13739257-f7db-4fc6-9018-e4e5a6965e49&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 141
date: Wed, 02 Mar 2022 17:57:12 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 46e976a9609eba197786e9e462df555ad85ad0969071fe661c8324860ba5fa23
content-length: 43

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 31ms
31ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/7.4.22

Resource Hash

c55ab94663950bcc6ec0f871121505fbd77bc6305a36763ac9dda6b7b62a9d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"07a9592a6dca4c4689ce748819c64297093b59f9"
xip: 168.119.68.252
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-iwmuszgd
grace: none
content-length: 725
x-feeds-fv: feeds-prod-euc1-fvauto-0bf43235bbb3a2997
last-modified: Wed, 02 Mar 2022 17:49:10 GMT
server: nginx/1.18.0 (Ubuntu)
date: Wed, 02 Mar 2022 17:57:12 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 424611451 422616673, 23072253 20740843
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web03
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 18:49:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 27ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1646243832741&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1646243832740.1739664056&it=1646243832695&coo=false&exp=p0&rqm=GET

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 02 Mar 2022 17:57:12 GMT

GET
DATA 200
OK truncated
/ Frame 50D2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 150faee39e08fa9a66c7bb8cd7fa8b0b4e50afe3b81e46e58457efc5111db1be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 151ms
105ms Script
application/javascript 2a02:26f0:7100:1b2::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 3 MB
208 KB 137ms
137ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

f639b2ec714147b50de4fc0fbd90face3858639cb388a2b75947e3f6518e8045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"98571e2a67fdf8bfeb60930e47f59e8c348c656c"
xip: 2001:ac8:20:3b00:1012:bbf5:1f37:f386
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-prod-zrh4-web1
grace: none
content-length: 212176
x-feeds-fv: feeds-prod-vie1-var-jf
last-modified: Wed, 02 Mar 2022 17:56:56 GMT
server: nginx/1.10.3
date: Wed, 02 Mar 2022 17:57:12 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 58978024 363824413, 803177316 801273618
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh4_web1
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 17:57:16 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 62ms
62ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

7ecfa33b6f6ed8cac1ef941a448d08af4404dd3c31a8357bdda46ed94674a9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"1c6a1d3e303b9703f6d29f92977859e86c3ab88c"
xip: 2001:ac8:20:3b00:1012:bbf5:1f37:f386
x-srv: fishnet-prod-feedsbackvar03
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-gogkqhag
grace: none
content-length: 603
x-feeds-fv: feeds-prod-vie1-var-qs
last-modified: Wed, 02 Mar 2022 17:53:21 GMT
server: nginx/1.10.3
date: Wed, 02 Mar 2022 17:57:12 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1059880195 1066285269, 732602476 730220328
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web11
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 17:58:21 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 68ms
29ms Script
text/javascript 142.251.36.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s12-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 17:57:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b57f725f6b1aecd8d59b0d381be391e9e062201b86aab776492fecb6cf5f45c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37359
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Mar 2022 17:57:12 GMT

GET
H3

200

activityi;dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame C20D
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.t...

408 B
360 B

39ms
25ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

d140bd1114beb04dbe5c1c14868ddc02baaab1eae7b704301abc2e5a338930af

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Mar 2022 17:57:12 GMT
expires: Wed, 02 Mar 2022 17:57:12 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Mar 2022 17:57:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 90903 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 11 KB
3 KB 29ms
29ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/90903

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/7.4.22

Resource Hash

d53269cece5480dd8e11972ca5c7502d1a948368aa60f8890b0472b53db11720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"ed33b59f77cdd0e61357535b6347a76e2b07f7b1"
xip: 2001:ac8:20:3b00:1012:bbf5:1f37:f386
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-ldtjwkwc
grace: none
content-length: 2219
x-feeds-fv: feeds-prod-euc1-fvauto-0372155a9568e0de3
last-modified: Wed, 02 Mar 2022 17:56:35 GMT
server: nginx/1.18.0 (Ubuntu)
date: Wed, 02 Mar 2022 17:57:12 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 29727535 12502067, 120449741 118104190
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web01
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 17:56:55 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
2 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1646243832850&cv=9&fst=1646243832850&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

699cf7a12efd44b9591489ee64228f27f3606ca53fbc58e66c209f755304de23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 109ms
108ms Script
application/javascript 2a02:26f0:7100:1b2::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
548 B 45ms
21ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1646243832850&cv=9&fst=1646240400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=3369900817&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698108511/ 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108511/?random=1646243832850&cv=9&fst=1646240400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=3369900817&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
adservice.google.com/ddm/fls/z/ Frame C20D 42 B
63 B 59ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CJHm_JaAqPYCFY8UGwodOt8N6g;src=10230056;type=ret01;cat=land01;ord=392124852091;gtm=2od2s0;auiddc=284600882.1646243833;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A7AD 2 KB
1 KB 60ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yh-v9wAI8BIHg4USAAzx5pHTdCJK3crm4HtHwg&u=%7CTosvDezxyhAdZKyZZoBL%2BKaZ1nQ%2FlzhJGAgGZno5GI8%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yL2KNorLLlVhXOr9r-YfMbqToIQMy6A2Hde-l7EDVHY6yVFJHE8vxrfjw0MQm327Jye6DKTMJc4kE_OZ7mTP86BeeR2rAp3T2q7cRbupxB2fRTLyNj6YguZbdvbvfBdQjG5crSBEvfavCwVq81-rq0kioImNp0Kv7lUDTFvKTDa-J2y2dQeEtG5XZA9igdp3w_6PmTA2FUqQgqNyh17NvtTZ5vWWvQShl9ojtj7-5_YQKV-l7aTIXCUJ44mhO5NoDhrWvv3H8WLyt5IO45k-x3jeUEk1kCfH1tZO0C55KsEsLd-ZEWf2jweLm9PsfXRPcVdALhjJLTZyej5CVY6GCEipY34sn8D75Tw6d29nr2VUR5SlOvIiHgT8seC0nmiWze4krtIo99T1w3w9tXH4FfDg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu0jb968fYpLgI5KKjuwP5uOz8AHJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpAqx3H5YvpLI-4AIAqAMBqgSPAk_QB9GaLCDK5XO88afb4b5VD7Fq97B2-OZiUTjO2XLCdedogRFdBplss4gZ7sVGGoYkUIQCud9NNUnvRG1hrpnjTxGhiF2THWZmz37NxeiBBRof9SHN0NeP9zpF7SgfIUHYCHo8L59Uy2n1UDnadhTBruKswXlU8LJF4xyM3PRg2BvGYLlu1d7a1l7WkwarbiSSNOn5H0_9Zdh0PS4YrgRWesFhXsUW1TVXl9ugRDvVVuUtNpsywbS4ZJ5-MZudZpA98kAHtyyyy2MTYxMVjbdrmCh9Ujh--t1YnmyorsV56qk4ufDr892yUw2ecQd56Wq4xKgBwsrejfYdIkcI1wA10Zpj__Caoyj8tkk_VIrgBAGABqS7oZPvx-DqbqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_07_2VTOVO63KUrPTMi90kU3haNVQ%26client%3Dca-pub-8188431425509997%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 17:57:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A7AD 2 KB
1 KB 51ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 17:57:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A7AD 308 B
636 B 50ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 25 Feb 2023 17:57:12 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame A7AD 507 B
835 B 50ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 25 Feb 2023 17:57:12 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame A7AD 43 B
347 B 50ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=PoHfCAJS-_UDake3Art_zB6-_G3qEfZikUSmRMwqtu0_6sSnZtRl4a1PDKS-RWHQCMaasvBg81JV4h9Aw-v5DhImTEs4NhzvF76p6X4HJe03J6t6Qx5Pnda-RXEOxe-POQ2Sa_b3rxeiDgIyuSdkwuEcxCex7ybiTsrNTzSHdrxoMzrvbXIym8s6lIe_p6_daWBtVU3wigvGbPU4G3CnmdXikZgy4GbQVlJ6TN4iejurejV8W8qv41s0QgdYeE71cuArlHtBTrfLOHbl79Wd6wQcK2ICG4oEwXn37--EencjyIYzbUizEA_majtEXgqQhJeF1g1auWt0_mf2aUc7Yq14T47dJZ9CQLt3PYYJQWOWzy4uPHF4wsmcE9rJWXvtytTof0cpXxSrXsOmadZdjVpAl3f5AMAjcPoGPgsBZUTiwelbaHSr05Ysb7Vm50TTG5eBjA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:12 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2900742
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A7AD 12 KB
5 KB 75ms
36ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1399878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkTsuM9yWjIHRWnN8u6ujpPZlcyTh4fLq2yA%2BRhfqOxgtjw8sYNOMG4L0wuAiHiaygjk26pk50gGYg117y0d3pWWbGYGeSeaa4BpMlzhtoXXprz6%2FVg6%2Bx%2BgiGu%2FPDxKBkkSwz1aSSJscW2qh7DgzGXw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e5c03743ac65a25-MXP
expires: Mon, 20 Feb 2023 17:57:13 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A7AD 12 KB
6 KB 42ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 17:57:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 12 KB
13 KB 110ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=86778&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F86778%2F210812%2F662fb8363e78453e96dc11c138a5b6ae_element-1.png&v=3&w=256&s=t8pK2RIgtNAjFZKaqPQ5DWIQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f7adc9854b18ed2c0213f6dd1953be1daa7dc6c473dc6089da80aba7b3444e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29760849
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12743
expires: Fri, 10 Feb 2023 04:51:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 47 KB
48 KB 125ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=86778&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F86778%2F211028%2Fcae2a2e365db4933935c5404bd3fe20d_img_horizontal_1.jpg&v=3&w=1200&s=xtjfe4mXGJF4VHqsg10sJYA6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

38430411c36328395dd2ab761e472f440428adfb2cab8dc2cb9ea1c3a0539b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28940914
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 48368
expires: Tue, 31 Jan 2023 17:05:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 17 KB
18 KB 138ms
44ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=86778&q=80&r=0&u=https%3A%2F%2Fwww.aromatico.de%2Fmedia%2Fimage%2F07%2F2a%2F09%2F101775_-_illy_-_filter_n-rostung_gemahlen_800x800QxIGqspRMRzXg_600x600.jpg&v=3&w=800&s=PajmER7IbreqvXuDF0dANYlI&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a7b6865322d4a5f8d466a5a5a7facaa4565dbd62b1379e8c95ccbadb13be055d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=651229
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17870
expires: Thu, 10 Mar 2022 06:51:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 3 KB
3 KB 152ms
58ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=86778&q=80&r=0&u=https%3A%2F%2Fwww.aromatico.de%2Fmedia%2Fimage%2F59%2Fe7%2Fe3%2F103750-fellow_ekg_wasserkocher_mattweiss_800x800pxwAjIVvzhyFC4l_600x600.jpg&v=3&w=800&s=WsBx3y0rYeznBxwEGAiWmxL9&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3ff94ea6a748276dd8c567b3607fc4948be0f17bd4352a162e33fd06bd8f8e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=336743
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3290
expires: Sun, 06 Mar 2022 15:29:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 11 KB
11 KB 130ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=86778&q=80&r=0&u=https%3A%2F%2Fwww.aromatico.de%2Fmedia%2Fimage%2F77%2F6c%2F97%2F103812-illy-iperespresso-lungo-kapseln-18-stuckkXPBEhhVmWk52_600x600.jpg&v=3&w=800&s=g3qQMJTcKZS9HWwEzF222Rlj&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d3ebe3e2456ef413fc93c8c3f46f7189211707199ee0af7039e5617103225159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2201298
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11494
expires: Mon, 28 Mar 2022 05:25:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 16 KB
16 KB 140ms
45ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=86778&q=80&r=0&u=https%3A%2F%2Fwww.aromatico.de%2Fmedia%2Fimage%2F05%2F96%2F7a%2F101212-bialetti-3-ersatzdichtungen-1filter-fuer-moka-express-6tassenVQWJFvYIxuHdl_600x600.jpg&v=3&w=800&s=n_xGXzXYiGoTmz4aAMiSpgrY&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

79ce610818bfe7e77f546e909f73d4b6837c658936f1bfdf70a2d12ae18e1f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2029236
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16178
expires: Sat, 26 Mar 2022 05:37:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 10 KB
10 KB 53ms
53ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=86778&q=80&r=0&u=https%3A%2F%2Fwww.aromatico.de%2Fmedia%2Fimage%2F94%2F14%2F2b%2F103811-illy-iperespresso-classico-kapseln-18-stuck_600x600.jpg&v=3&w=800&s=KAAEHMFFMrv-mPDW0__J9d5y&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e566a8b4082a79a2e8d8e6aa5f580c26e57c29d5b28e0482faba77b9f1f1c4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2201850
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10000
expires: Mon, 28 Mar 2022 05:34:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 11 KB
11 KB 53ms
53ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=86778&q=80&r=0&u=https%3A%2F%2Fwww.aromatico.de%2Fmedia%2Fimage%2F6c%2F88%2F75%2F82_vivace_1000gr_0000koHYXmUVShIpX_600x600.jpg&v=3&w=800&s=HQyJAgW4yQgIxo1FeTZ3o0R2&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

67aad7b412ec1804e1fd92283a653c59a297d5f6560f87432509ab9514821cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1941997
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10854
expires: Fri, 25 Mar 2022 05:23:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 7 KB
7 KB 58ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=86778&q=80&r=0&u=https%3A%2F%2Fwww.aromatico.de%2Fmedia%2Fimage%2Fe9%2F70%2F2a%2F103181-fellow-stagg-wasserkocher-1l-kuper-poliert_600x600.jpg&v=3&w=800&s=dgdfNuO1UqrYni4IYhqrzDgm&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d5c17b0c1557fdf36970bf486eea3b820f5b7a2233b6cda1adb39e66bddb8515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1351769
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7066
expires: Fri, 18 Mar 2022 09:26:42 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A7AD 0
127 B 120ms
27ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=iIzwOdw9QHrji4hEEGvnpJceSZLEWdQIny5GFJZD376rSxhpSJ3GumKv_hgu-ny9SFnh67u9vqNL3KAk8QN6jJm3p5QK_b0IvaQQrw2cocW8vWQi_LJ88PECZRXp8Oa_82DyvKSQKbkGe0YAW7a4bX_1AS-kV8v0kxhOFYxVUbWHw_Jw_NJ1NzfqEfGM-jD2_K7VuP7DzS3NyNxF3d4i3eZVpA2L6NyvcbMIoc99la_zg2ORHg45-AUFCMg15Ik1NtgMyQ&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:12 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A7AD 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 17:57:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A7AD 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 17:57:13 GMT

GET
H2 200 3704.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 88ms
18ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3704.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5019e40a161c71cbf4fc8b1fc0a1809456b3cfc7fc93eadaf7b374cdb0cb9c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1744"
x-varnish: 328317826 328065033
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5956
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3683.png
img.sportradar.com/ls/crest/medium/ 7 KB
8 KB 90ms
21ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3683.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1dd7"
x-varnish: 289880933 289372807
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 7639
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3686.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 102ms
33ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3686.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1af6"
x-varnish: 290170135 289624460
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6902
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3699.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 125ms
56ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3699.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1257"
x-varnish: 313102114 311270474
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 4695
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3700.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 103ms
35ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3700.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b9-1788"
x-varnish: 287631197 285042949
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6024
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3694.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 103ms
35ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3694.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5256e20d2385d02616639e72c3bc01f6b1ffbe75c2838d82cd25b93d0a35e1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1648"
x-varnish: 186752701 183943487
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5704
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3680.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 37ms
36ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3680.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

306a5803d8d3c092d2c56e3e4351171230585330e43ce1862b80f0901e58db3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-181e"
x-varnish: 561073424 561001860
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6174
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3685.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 22ms
21ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3685.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1a3b"
x-varnish: 309473903 307920132
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6715
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3690.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 23ms
23ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3690.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d4a5c90a048bebcddcc6b7e41008af3f42bb578a6d75438bce4e05da12b57c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-19d8"
x-varnish: 195502190 193507398
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6616
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3676.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 25ms
25ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3676.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1707"
x-varnish: 280475080 279676037
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5895
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3679.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 35ms
34ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3679.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-170f"
x-varnish: 288133306 286869428
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5903
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3689.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 42ms
41ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3689.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-17cf"
x-varnish: 514726999 513032925
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6095
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3703.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 42ms
41ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3703.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

3db3fdae0e2be13c8acc57ed679246d27616e65d48bc7f2b050b21076a13c452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1c84"
x-varnish: 288555346 287263956
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 7300
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3682.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 45ms
44ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3682.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d21cdd2d2f8a1dad3f6e38a8fef966c2695eea4140b6445372215c156751fd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1c77"
x-varnish: 288164671 287503884
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 7287
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3677.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 47ms
46ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3677.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1b1f"
x-varnish: 289962303 289704326
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6943
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3675.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 51ms
51ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3675.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

079e1954d6a209a39d6f85006b4059af195a1b183d84ce680d334b3f2eed7f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-18e5"
x-varnish: 289962305 288737210
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6373
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 3696.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 53ms
52ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3696.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b9-1327"
x-varnish: 290170178 288614829
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4903
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H2 200 344158.png
img.sportradar.com/ls/crest/medium/ 4 KB
5 KB 57ms
56ms Image
image/png 2a02:26f0:1700:5::5f65:1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/344158.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

4b4755891f4348259eb539dc24de8619237f19734d0e34f8ffe73ae3d4a8e93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:47 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b7-1108"
x-varnish: 179017892 178045840
cache-control: max-age=86400
date: Wed, 02 Mar 2022 17:57:13 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 4360
server: nginx/1.10.3
expires: Thu, 03 Mar 2022 17:57:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A7AD 1 KB
396 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 16:37:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Mar 2022 17:57:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Mar 2022 17:57:13 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
832 B 65ms
32ms XHR
application/json 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612846434758&cb=1646243833077

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.df247e68.1646243833.57ae619
x-envoy-upstream-service-time: 0
x-pinterest-rid: 4794017687981123
pin-unauth: dWlkPU16QTNOR1UxTjJNdFpXSTBOUzAwWW1VM0xXSTBabU10TldOa04yVXhNRE5sT1dZeQ
access-control-allow-origin: https://www.thestar.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 106ms
73ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1646243833078

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.df247e68.1646243833.57ae627
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 7695319496115395
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame A7AD 23 KB
23 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 599203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:30:30 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame A7AD 23 KB
23 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 599202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:30:31 GMT

GET
H2 200 28275742 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 48ms
47ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/28275742

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

2fc18fcef06aac46b54b17c448ddbe62de7655da8466e9f5ba3df7d0c0829bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"df5b9e817bb05ef0906f2f309f30e9f32db3c680"
xip: 168.119.68.238
x-srv: fishnet-prod-feedsbackvar03
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-iyofnzoo
grace: none
content-length: 1999
x-feeds-fv: feeds-prod-vie1-var-il
last-modified: Wed, 02 Mar 2022 14:49:59 GMT
server: nginx/1.10.3
date: Wed, 02 Mar 2022 17:57:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 82117309 925498507, 874392846 505739061
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web15
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 17:49:59 GMT

GET
H2 200 28275740 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
2 KB 53ms
53ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/28275740

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

e772888cb9cc4cfd6bec4aeb1e8ccc45fab461f1bf561e1e090a9da3542a1267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"cebabd444418233f85fe664d85f7d66363ae174b"
xip: 168.119.68.252
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-gogkqhag
grace: none
content-length: 1926
x-feeds-fv: feeds-prod-vie1-var-ci
last-modified: Wed, 02 Mar 2022 17:49:41 GMT
server: nginx/1.10.3
date: Wed, 02 Mar 2022 17:57:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 417121644 425133652, 637130026
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web11
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 20:49:41 GMT

GET
H2 200 28275738 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 54ms
54ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/28275738

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/7.4.22

Resource Hash

a30f835d91cea7927536ed6a0e593181939cfb1d4e1c091e875851904c41c350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"98be7fcb3d4cbe34e6ce2e33870d7f8bfcf73a08"
xip: 168.119.68.252
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-hfhmiray
grace: none
content-length: 1982
x-feeds-fv: feeds-prod-euc1-fvauto-0675a0ae31651bb2b
last-modified: Wed, 02 Mar 2022 17:50:06 GMT
server: nginx/1.18.0 (Ubuntu)
date: Wed, 02 Mar 2022 17:57:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 353656214 340700600, 1009881413 1005059709
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web06
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 20:50:06 GMT

GET
H2 200 28275736 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 93ms
92ms XHR
application/json 2a02:26f0:1700:5::5f65:1b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/28275736

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

8dbd77a107ff4b54425a19c0ec6009197d28068a81d5f0a72bd165dfd70ac511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"3fba6a6b7417f2bf43f40e46b27fca1eb5dccc1c"
xip: 2001:ac8:20:3b00:1012:bbf5:1f37:f386
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-prod-zrh4-web3
grace: none
content-length: 1990
x-feeds-fv: feeds-prod-vie1-var-ob
last-modified: Wed, 02 Mar 2022 17:50:12 GMT
server: nginx/1.10.3
date: Wed, 02 Mar 2022 17:57:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 22402246 19495572, 952168383
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh4_web3
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Wed, 02 Mar 2022 20:50:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
21ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=7&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1646243829785&de=153655576351&rx=866830701108&m=0&ar=944fd8091a1-clean&iw=60a2507&q=1&cb=0&cu=1646243829785&ll=2&lm=0&ln=0&em=0&en=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&ac=1&it=500&pe=1%3A682%3A1751%3A0%3A935&fs=196859&na=327670600&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 02 Mar 2022 17:57:13 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 57ms
22ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022022401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69822432c4a83f7f2d9f1a824f0004131dff075b4109bfa38917cca830ffcc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10624
x-xss-protection: 0

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 0417
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

213ms
212ms

Document
text/html

184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

966f2d8e2766a8f32b05dbb03e2a9a08b750541f0ee58222d498d85a527a7b2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-675db8b0454abf4a19391b907b259890' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1544195545045933; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-675db8b0454abf4a19391b907b259890' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1544195545045933; frame-ancestors *
content-security-policy-report-only: default-src 'self'; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com *.adyen.com *.adyenpayments.com; font-src 'self' s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; script-src 'nonce-675db8b0454abf4a19391b907b259890' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 107
pinterest-generated-by: coreapp-webapp-prod-0a011773
content-encoding: gzip
pinterest-version: 3437d47
referrer-policy: origin
x-pinterest-rid: 1544195545045933
date: Wed, 02 Mar 2022 17:57:13 GMT
content-length: 281
akamai-grn: 0.df247e68.1646243833.57ae964
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 89
pinterest-generated-by: coreapp-webapp-prod-0a01194b
content-encoding: gzip
pinterest-version: 3437d47
referrer-policy: origin
x-pinterest-rid: 3967529573761959
date: Wed, 02 Mar 2022 17:57:13 GMT
akamai-grn: 0.df247e68.1646243833.57ae724
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 62ms
16ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 14 Feb 2022 14:11:16 GMT
server: snooserv
etag: "9dd34b4324742bd3f713adf7f070d3b4"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7531

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 63ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:12 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FDA50DF938924E52A3C26245742D4FDD Ref B: FRAEDGE1313 Ref C: 2022-03-02T17:57:13Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1006 B
792 B 392ms
30ms Script
application/x-javascript 2.16.186.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 18:48:07 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=58619
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479

GET
H2 200 B24540798.279406836;sz=1x2;ord=488764362634 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 31 KB
11 KB 40ms
39ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=488764362634?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

bc78fbf3455e789da820a7c96da836fe0722a6fa4474299138a49b64d615bef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11556
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 92 KB
36 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2d649e08bfa685736d62cc59f9109bfbec9b8b36406dc2e44acd5c799bc5248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36371
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Mar 2022 17:57:13 GMT

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 118ms
116ms Script
text/plain 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3f711e90-3306-4043-a2a5-13ecd876f375&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 02 Mar 2022 17:57:13 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: d1036e69db73720d4624dc991470038666ac860bbd6fdfa789360982f35de6d6
content-length: 0
strict-transport-security: max-age=631138519

GET
H2 200 adsct
t.co/i/ 43 B
101 B 139ms
138ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3f711e90-3306-4043-a2a5-13ecd876f375&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 127
date: Wed, 02 Mar 2022 17:57:13 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 46e976a9609eba197786e9e462df555ad85ad0969071fe661c8324860ba5fa23
content-length: 43

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4ED3 0
18 B 15ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.thestar.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Wed, 02 Mar 2022 17:57:13 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
22ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=7&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=https%3A%2F%2Fwww.thestar.com%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-hyAW7OXurwpsfw%3D%3D&sc=1&os=1-0A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1646243829785&de=153655576351&rx=866830701108&cu=1646243829785&m=3432&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11339&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A682%3A1751%3A0%3A935&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=27254589&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 02 Mar 2022 17:57:13 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Mar 2022 17:57:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/ 8 KB
3 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=488764362634?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:55:45 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
524 B 79ms
41ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNCuniei7vw4dwH6oltVxCd-EDY5CBNJFUnVqbXPpQBWdamKb-Zn4o41ZSQGXFk0knwqRM8iimbCOsjbG6xi0hZI3PwUOW74dxKj7q9Os7sq8f27HA4SJ9dtmqqu_VK9MZy2tMRpc9o-p4A2WUXHs&sig=Cg0ArKJSzNmbFpzomC8jEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20220228.07771&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=488764362634?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Mar 2022 17:57:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 407ms
371ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1646243833296&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&uuid=68b03dca-0db1-458c-b372-cf1956e866fb&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_da535582
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 13008914.js Show response
bat.bing.com/p/action/ 684 B
746 B 350ms
349ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/13008914.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a4710df14dae0b64228f35cb191eb22dcb76d89978d5fb9343ee927f1ac7fd1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 37222BA52BEC4A3CA05B1426C97FA770 Ref B: FRAEDGE1313 Ref C: 2022-03-02T17:57:13Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 586

GET
H2 204 0
bat.bing.com/action/ 0
173 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13008914&tm=gtm002&Ver=2&mid=a2c62472-0086-4cf6-b298-708ae8694cfc&sid=307b65c09a5211ecb6777169e90d30df&vid=307bb5909a5211ecb642f7dcb4253c73&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=4120&evt=pageLoad&msclkid=N&sv=1&rn=881554
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3E87D5899274440B30408A5FFB3DBA4 Ref B: FRAEDGE1313 Ref C: 2022-03-02T17:57:13Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 467A 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Mar 2022 17:54:05 GMT
expires: Thu, 02 Mar 2023 17:54:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 188
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 672A 783 B
535 B 32ms
16ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b707c3ff25576033c25bab0f9838b03189a4f3ff3a673e33ae67aff873784519

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WmjYpU6TBqOfgc+kJir86Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 02 Mar 2022 17:57:13 GMT
date: Wed, 02 Mar 2022 17:57:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WmjYpU6TBqOfgc+kJir86Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mF8jAiIKdU2I24lDkXEdvB6f9nJ-5cys-Upa-8ZRieM.js Show response
pagead2.googlesyndication.com/bg/ Frame 467A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mF8jAiIKdU2I24lDkXEdvB6f9nJ-5cys-Upa-8ZRieM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

985f2302220a754d88db894391711dbc1e9ff6727ee5ccacf94a5afbc65189e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13514
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 17:33:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 672A 0
0 56ms
55ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022022401&jk=2118326946463654&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 467A 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ETViSg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 s97662184726578 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.3-LBWB/ 43 B
349 B 16ms
16ms XHR
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.3-LBWB/s97662184726578

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/9c64126f1beb/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 03 Mar 2022 17:57:13 GMT
server: jag
xserver: anedge-cdfbd77b-x4zdj
etag: 3535281712641802240-4619816516941651518
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Tue, 01 Mar 2022 17:57:13 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 26ms
26ms Script
application/x-javascript 2.16.186.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=71432
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 0417 0
3 KB 151ms
150ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=1544195545045933

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-40d2adc092c1b72c2e50c6e1c535bf18' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1088570766752694; frame-ancestors 'self' , script-src 'nonce-40d2adc092c1b72c2e50c6e1c535bf18' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1088570766752694
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-40d2adc092c1b72c2e50c6e1c535bf18' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1088570766752694; frame-ancestors 'self' , script-src 'nonce-40d2adc092c1b72c2e50c6e1c535bf18' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1088570766752694
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.df247e68.1646243833.57aebbc
content-security-policy-report-only: default-src 'self'; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com *.adyen.com *.adyenpayments.com; font-src 'self' s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; script-src 'nonce-40d2adc092c1b72c2e50c6e1c535bf18' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 48
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1088570766752694
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 3437d47
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Wed, 02 Mar 2022 17:57:13 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011ad7

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 0417 0
3 KB 432ms
432ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-d96e1e5d86514989e4ec6a5941c21335' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6300518170771283; frame-ancestors 'self' , script-src 'nonce-d96e1e5d86514989e4ec6a5941c21335' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=6300518170771283
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-d96e1e5d86514989e4ec6a5941c21335' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6300518170771283; frame-ancestors 'self' , script-src 'nonce-d96e1e5d86514989e4ec6a5941c21335' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=6300518170771283
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.df247e68.1646243833.57aebc0
content-security-policy-report-only: default-src 'self'; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com *.adyen.com *.adyenpayments.com; font-src 'self' s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; script-src 'nonce-d96e1e5d86514989e4ec6a5941c21335' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 120
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 6300518170771283
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 3437d47
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Wed, 02 Mar 2022 17:57:14 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011852

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 0417 0
3 KB 143ms
142ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-ea3c08c97486cf4d4ee61711c7866640' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1704741186046191; frame-ancestors 'self' , script-src 'nonce-ea3c08c97486cf4d4ee61711c7866640' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1704741186046191
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-ea3c08c97486cf4d4ee61711c7866640' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1704741186046191; frame-ancestors 'self' , script-src 'nonce-ea3c08c97486cf4d4ee61711c7866640' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1704741186046191
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.df247e68.1646243833.57aebc4
content-security-policy-report-only: default-src 'self'; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com *.adyen.com *.adyenpayments.com; font-src 'self' s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; script-src 'nonce-ea3c08c97486cf4d4ee61711c7866640' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 43
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1704741186046191
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 3437d47
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Wed, 02 Mar 2022 17:57:13 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011052

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1646243833656&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1646243833656%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1646243833656&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1646243833656&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKGOSgtuwPEugAAAX9Lx2hzVTneQ3Yji0fKSF2dXXVT...

0
264 B

130ms
111ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1646243833656&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKGOSgtuwPEugAAAX9Lx2hzVTneQ3Yji0fKSF2dXXVTphfQISn_N6skC6T4DnuclghUxcrBKzQ0P7coL_TrsAesN9Ieww
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5ED3B07F851A4202BE8632146EE051EB Ref B: FRAEDGE0917 Ref C: 2022-03-02T17:57:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZQALxxSJlEv3F7sO6nQ==
x-li-fabric: prod-lva1

Redirect headers

date: Wed, 02 Mar 2022 17:57:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3FB71876ABB442D0ACAE98B1EC1F2040 Ref B: FRAEDGE0720 Ref C: 2022-03-02T17:57:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1646243833656&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKGOSgtuwPEugAAAX9Lx2hzVTneQ3Yji0fKSF2dXXVTphfQISn_N6skC6T4DnuclghUxcrBKzQ0P7coL_TrsAesN9Ieww
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZQALv0P8LnEbsZQQo1A==

GET
H2 200 clarity.js Show response
h.clarity.ms/s/0.6.32/ 53 KB
23 KB 289ms
93ms Script
application/javascript 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/13008914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:13 GMT
content-encoding: br
etag: "1d82c9e8417ef90"
last-modified: Mon, 28 Feb 2022 12:27:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=3576F6DED0864F8C9CDA295594C05C1D&RedC=c.clarity.ms&MXFR=067CD8803DDD69200FE1C9DB39DD6781
https://c.clarity.ms/c.gif?CtsSyncId=3576F6DED0864F8C9CDA295594C05C1D&MUID=14D31B0080076E2A3DE10A5B81D56F96

42 B
367 B

28ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=3576F6DED0864F8C9CDA295594C05C1D&MUID=14D31B0080076E2A3DE10A5B81D56F96
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
last-modified: Fri, 18 Feb 2022 21:27:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7f9eac45e25d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9D2A45FE0FF4D1D87DCEC91A2247476 Ref B: FRAEDGE1313 Ref C: 2022-03-02T17:57:13Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=3576F6DED0864F8C9CDA295594C05C1D&MUID=14D31B0080076E2A3DE10A5B81D56F96
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50D2 42 B
64 B 55ms
41ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8rnGiiBUqxNV-_dNVHI-CJDhQjtAMBTOwr1zEsfTN3NfJWIAva0c7Eyqk7oixYXzCD1jUj2wilOJy2e2cRoea&sig=Cg0ArKJSzMvzl_gEn7gcEAE&id=lidar2&mcvt=1000&p=10,436,100,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220228&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1887631228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646243832132&rpt=707&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022022401&jk=2118326946463654&bg=!3d6l3prNAAYFuXAgBbk7ACkAdvg8WiISf0zn724jqJyqUumKFXkEuPJ0vqpkH16YEGB15MFKdeQr9AIAAAB5UgAAAANoAQcKAFqBO8z7KbXQJkIQUptmpIgwJhIyUkiBs15CdkJTTA3-zFk4NA305GQ8gc-3fvn2Ljwc4raK0X0lJ6YzbRnUnscus9k9IrlROMY1kgE3wR9ArkQ8VFcbM_cJ4t2ZApT3IFy4IPymuthDXbTd211PXWeu5gGxIgKfVvF-1F2_w8-eyOFcUX0x24I6HkTsNg0f8bqhlaL4h4XaEezEJQ00sgL1wF58OjNQAPge7vh49GvHM_Ja-iGBRv2iVXXiZpbEJi637XvTzj07iqcY19CLdDxshPMb4AMrBp0GYpMiWDo0TIpAiXPpi3nizVj-vz7GlL-TsbSCIMUfP1C6eWgTqMFv3TfDUNvQbTs0InIBrM5gK8XJ1KPN2sYlRo1ckrTgQZ-tPWaTBa-m6T9kWpGhi3moHMOn6js8Vxa6F6-BznyJWM0Wz1KtDZx9GMidTPs0eLBKeUmpgRjs53bjdjhOLV8CqCqXobT74OUBE_iLcguHJQIlH_RN5s_qO-PWpjeQvX4zIEt3-9Ozhv0XWrK_300oH-M9LpN7gsqmcpcYQmYT_EK4mo3gDsCQCb62arx6-OwGTkZ1uPpGGQiiTvt_0qfmezqBkrjH546swA3c7_c9aY-diy8gNs-3XhBuoZN9l9zMbFrQ5WZvSXqA2MNm94935VJ859Byn86aTuLQHLMcPAFvjh_lYxb9e2RTyL65LHNgrnhxr14l0GFEz7V3hbvsasnfVcojiahh_3gw8dF7xTtHO362ZuOCBShmVwFeqi-OVj_NfGyNrrtHRcI62Uxod0ArpEDVU6SU80-uAb-MS9QkYTUgqo5EI_JfJPhvDO2AKd7upg5EGRKcnt0TVqm5JEODImu13V9FyOkw1V5QOvHJNAHAUNkS-MEnyJ_extdRJsS-aC1cs0MXHJ9Uwe1v87hcCYebSfZ9zMxsBw8EVHgNELYNdYI0_bE4H-evDGt4-wDGDGtXc0wX-uh12D50dcByzzmAqLX2uKjQOmFgFww

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A7AD 0
127 B 16ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 204 collect Show response
h.clarity.ms/ 0
93 B 481ms
481ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Wed, 02 Mar 2022 17:57:14 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame A764 11 KB
12 KB 40ms
40ms Document
text/html 34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=ab6edd6d-e2f8-45ce-9686-7787ea46d15f&publisherId=TKN100000001&siteId=4204204311&cb=1646243831484&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d56d3e71b2453fa9b46b097ce633355e153b3b205e5d779d8c4bdb6c4458687b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/

Response headers

date: Wed, 02 Mar 2022 17:57:14 GMT
content-type: text/html; charset=utf-8
content-length: 11722
accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
expires: 0
last-modified: Wed, 02 Mar 2022 03:07:52 GMT
pragma: no-cache
vary: Origin

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame A764 4 KB
4 KB 39ms
38ms XHR
text/plain 34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=ab6edd6d-e2f8-45ce-9686-7787ea46d15f&publisherId=TKN100000001&siteId=4204204311&cb=1646243831484&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 083e5f5dd9c9ec0f2e9b6cc63cd154885d5fca95aa3129e8b35287756bedcd01

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=ab6edd6d-e2f8-45ce-9686-7787ea46d15f&publisherId=TKN100000001&siteId=4204204311&cb=1646243831484&bidder=ozone
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:14 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 cookie
cm.adform.net/ Frame A764 43 B
106 B 58ms
18ms Image
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:14 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_priva...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us...
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=e7577567-1981-4868-b28f-34b781800e3b

0
374 B

34ms
33ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=e7577567-1981-4868-b28f-34b781800e3b
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=e7577567-1981-4868-b28f-34b781800e3b
Date: Wed, 02 Mar 2022 17:57:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
133 B 15ms
15ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 07f354e68fa269c6d010ab5b550ff206146be59869ab0b6edc72110e36222c5b

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 02 Mar 2022 17:57:14 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
via: 1.1 google

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=1ae7decc-46f8-4697-99f2-3750ee691109

0
501 B

34ms
34ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=1ae7decc-46f8-4697-99f2-3750ee691109
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=1ae7decc-46f8-4697-99f2-3750ee691109
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%...
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3...
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=1f9c659e-a453-456d-9825-5e09d04cf824

0
629 B

38ms
38ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=1f9c659e-a453-456d-9825-5e09d04cf824
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=1f9c659e-a453-456d-9825-5e09d04cf824
date: Wed, 02 Mar 2022 17:57:15 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 151
content-type: text/html; charset=utf-8

GET
H2 200 prebid
rtb.openx.net/sync/ Frame A764 43 B
350 B 37ms
16ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:14 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: l1eps4jt2jrvs2m4p4a9m0vddt4sc421

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=8ad955c2-f6ea-4018-be41-656b3e6bd764

0
760 B

46ms
46ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=8ad955c2-f6ea-4018-be41-656b3e6bd764
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=8ad955c2-f6ea-4018-be41-656b3e6bd764
date: Wed, 02 Mar 2022 17:57:15 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 collect Show response
h.clarity.ms/ 0
25 B 114ms
114ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Wed, 02 Mar 2022 17:57:14 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26uid%3D...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=5614830155309880594

0
869 B

39ms
39ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=5614830155309880594
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=5614830155309880594
date: Wed, 02 Mar 2022 17:57:15 GMT
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 36ms
35ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=4&q=0&ai=5680&wr=5678&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=7&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-hyAW7OXurwpsfw%3D%3D&sc=1&os=1-0A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=11339&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=11339&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1646243829785&de=153655576351&rx=866830701108&cu=1646243829785&m=5680&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A682%3A1751%3A4120%3A935&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2214&cd=0&ah=2214&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=1402624454&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 02 Mar 2022 17:57:15 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=479715198273558496077

0
989 B

43ms
43ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=479715198273558496077
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=479715198273558496077
date: Wed, 02 Mar 2022 17:57:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame A764 0
277 B 495ms
170ms Image
text/plain 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Mar 2022 17:57:16 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 24ms
24ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Allow: POST
Content-Length: 4
Content-Type: text/html; charset=utf-8
Expires: 0
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Date: Wed, 02 Mar 2022 17:57:15 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 50ms
49ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:15 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A764 0
239 B 33ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7690 15 KB
6 KB 100ms
23ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=ab6edd6d-e2f8-45ce-9686-7787ea46d15f&publisherId=TKN100000001&siteId=4204204311&cb=1646243831484&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=170031
expires: Fri, 04 Mar 2022 17:11:07 GMT
date: Wed, 02 Mar 2022 17:57:16 GMT
vary: Accept-Encoding

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A7AD 17 KB
18 KB 16ms
15ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a7b6865322d4a5f8d466a5a5a7facaa4565dbd62b1379e8c95ccbadb13be055d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=651226
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17870
expires: Thu, 10 Mar 2022 06:51:02 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7690 2 KB
3 KB 66ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19752605&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c36c6f551681b3395c38bf70e2a7f00932eff590d253e9afa3795c45627e744a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 4EF1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B

35 B
468 B

19ms
19ms

Document
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Mar 2022 17:57:16 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 02 Mar 2022 17:57:16 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9D93
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e802621f-affc-4400-9a35-45ec7271ff69&gdpr=0&gdpr_consent=

42 B
339 B

57ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e802621f-affc-4400-9a35-45ec7271ff69&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Mar 2022 17:57:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug006:0:990
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Wed, 02 Mar 2022 17:57:16 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4172 645ee8c master zrh-pixel-x24 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e802621f-affc-4400-9a35-45ec7271ff69&gdpr=0&gdpr_consent=
Expires: Wed, 02 Mar 2022 17:57:15 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A314
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3789303753791213705

42 B
210 B

18ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3789303753791213705
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Mar 2022 17:57:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug015:0:451
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3789303753791213705
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 679D 43 B
362 B 40ms
13ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Wed, 02 Mar 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 526357
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 65E5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070563436872726668

42 B
522 B

61ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070563436872726668
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Mar 2022 17:57:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug016:0:438
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 02 Mar 2022 17:57:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070563436872726668

GET
H2 200 setuid Show response
elb.the-ozone-project.com/ Frame A09B 0
1 KB 30ms
29ms Document
text/plain 34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=AD9A1D79-A337-4F18-AE14-9EF09CA9397B
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7690
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rZodeaM3TxiuFJ7wnKk5ew%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

20ms
20ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=170031
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Fri, 04 Mar 2022 17:11:07 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7690
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b23621f-affc-4100-80c0-59add9ec2d57

0
260 B

73ms
19ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b23621f-affc-4100-80c0-59add9ec2d57
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 02 Mar 2022 17:57:16 GMT
Server: MT3 4172 645ee8c master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b23621f-affc-4100-80c0-59add9ec2d57
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Mar 2022 17:57:15 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7690
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=AD9A1D79-A337-4F18-AE14-9EF09CA9397B
https://spl.zeotap.com/?zdid=1332&zcluid=14792d4192aab29e
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d76f876b-d542-4edd-4e5f-fcdaa49dc56c&reqId=b117732c-40db-4734-6345-5e78ef5de1e6&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHN5BY21_lJKUkMh9en1Wz4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d76f876b-d542-4edd-4e5f-fcdaa49dc56c&reqId=b117732c-40db-4734-6345-5e7...

95 B
164 B

57ms
45ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEHN5BY21_lJKUkMh9en1Wz4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d76f876b-d542-4edd-4e5f-fcdaa49dc56c&reqId=b117732c-40db-4734-6345-5e78ef5de1e6&zcluid=14792d4192aab29e&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6e5c038affae0e2a-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHN5BY21_lJKUkMh9en1Wz4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d76f876b-d542-4edd-4e5f-fcdaa49dc56c&reqId=b117732c-40db-4734-6345-5e78ef5de1e6&zcluid=14792d4192aab29e&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7690
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUQ5QTFENzktQTMzNy00RjE4LUFFMTQtOUVGMDlDQTkzOTdC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
342 B

51ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug025:0:375
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7690
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJBVB18irgiVeEJso2d129Y&google_cver=1

42 B
358 B

44ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJBVB18irgiVeEJso2d129Y&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug024:0:586
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJBVB18irgiVeEJso2d129Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7690 43 B
610 B 74ms
20ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 01 Mar 2022 17:57:16 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7690
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7528565762967953554

42 B
235 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7528565762967953554
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:453
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7528565762967953554
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7690
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ae7decc-46f8-4697-99f2-3750ee691109

42 B
293 B

60ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ae7decc-46f8-4697-99f2-3750ee691109
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:576
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ae7decc-46f8-4697-99f2-3750ee691109
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7690
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1863203928492679470&gdpr=0&gdpr_consent=

42 B
233 B

76ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1863203928492679470&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:618
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:16 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 006e3828-55a9-418e-864b-dc0bae9a41a6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1863203928492679470&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
36ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=31&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=7&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-hyAW7OXurwpsfw%3D%3D&sc=1&os=1-0A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&fl=1&j=&xc=0&xb=0&xa=0&md=11&mc=0&lb=11339&ld=1200&lc=0&la=0&cw=1600&cx=1200&sh=11339&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1646243829785&de=153655576351&rx=866830701108&cu=1646243829785&m=6690&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A682%3A1751%3A4120%3A935&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3217&cd=2214&ah=3217&am=2214&xd=00&rf=0&re=0&wb=1&ai=5680&wr=5678&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=1975480638&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 02 Mar 2022 17:57:16 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=189937&C=1
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Yh.v-IDEAAcjiAXo4VVBsAAA%261204

0
1 KB

33ms
32ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Yh.v-IDEAAcjiAXo4VVBsAAA%261204
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Yh.v-IDEAAcjiAXo4VVBsAAA%261204
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 303
Expires: Wed, 02 Mar 2022 17:57:16 GMT

GET
H2 204 101995
dmx.districtm.io/s/v1/img/s/ Frame A764 0
59 B 12ms
11ms Image
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmx.districtm.io/s/v1/img/s/101995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6e5c038cbd135b2c-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=269b2464-51c6-487e-ac8d-adf966357209

0
1 KB

29ms
29ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=269b2464-51c6-487e-ac8d-adf966357209
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=269b2464-51c6-487e-ac8d-adf966357209
date: Wed, 02 Mar 2022 17:57:16 GMT
content-length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAG_6U7EP2AAAAsg4jRTxw

0
1 KB

36ms
36ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAG_6U7EP2AAAAsg4jRTxw
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAG_6U7EP2AAAAsg4jRTxw
Date: Wed, 02 Mar 2022 17:57:17 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame A764
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=1863203928492679470

0
2 KB

34ms
34ms

Image
text/plain

34.249.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=1863203928492679470
Protocol: H2
Server: 34.249.87.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-87-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 02 Mar 2022 17:57:17 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 85e53a78-401d-447b-a4c3-2a5ed9501460
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=1863203928492679470
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 92ms
92ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Wed, 02 Mar 2022 17:57:17 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
21ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=7&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-hyAW7OXurwpsfw%3D%3D&sc=1&os=1-0A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&fl=1&j=&xc=0&xb=0&xa=0&md=11&mc=11&lb=11339&ld=1200&lc=1200&la=1200&cw=1600&cx=1200&sh=11339&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1646243829785&de=153655576351&rx=866830701108&cu=1646243829785&m=8506&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A682%3A1751%3A4120%3A935&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5019&cd=3217&ah=5019&am=3217&xd=00&rf=0&re=0&wb=1&ai=5680&wr=5678&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=96720270&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 02 Mar 2022 17:57:18 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 7690 0
128 B 33ms
20ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:57:17 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 357ms
116ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1646243839987&plid=87132380&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11339%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1646243830869&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Wed+Mar+02+2022+17%3A57%3A19+GMT%2B0000+(GMT)&action=_scroll&pvid=69893895&u=pid%3D47b08662c56060417f96bc446ff4cce6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 17:57:20 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 02-Mar-2022 17:57:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 all
csm.eu.criteo.net/ Frame A7AD 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:19 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=31&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=7&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-hyAW7OXurwpsfw%3D%3D&sc=1&os=1-0A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&fl=1&j=&xc=0&xb=0&xa=0&md=11&mc=11&lb=11339&ld=1200&lc=1200&la=1200&cw=1600&cx=1200&sh=11339&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1646243829785&de=153655576351&rx=866830701108&cu=1646243829785&m=10685&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A682%3A1751%3A4120%3A935&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7227&cd=5019&ah=7227&am=5019&xd=00&rf=0&re=0&wb=1&ai=5680&wr=5678&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=662178611&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 17:57:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 02 Mar 2022 17:57:20 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/ 35 B
49 B 107ms
105ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/bfe33a51-fb50-4f2a-fad3-8ac33a47612a/__activity.gif?e=stuck_10s&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=11636&blst=882&ist=1631&iet=1634&bdst=882&bdet=954&bcttt=74&jsfv=nbc&ts=1646243840737&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=bfe33a51-fb50-4f2a-fad3-8ac33a47612a&sid=d5c834af-aa2b-4cb2-c3be-c78596c894a6&pvid=85c2486e-b4d5-4c9a-adbc-4103d5f804f6&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&saveData=false&ctyp=unknown&tzo=0&w=null&source=null&sdk=bc-pixel
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 02 Mar 2022 17:57:20 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

121 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e377.thestar.com/DG/DEFAULT	1970-01-20 10:53:23	Name: BCSessionID Value: e57d3b9e-5919-4b0b-9c3a-a4f33e18eb38
torstar.blueconic.net/DG/DEFAULT	1970-01-20 10:02:59	Name: BCSessionID Value: e57d3b9e-5919-4b0b-9c3a-a4f33e18eb38
www.thestar.com/	1970-01-20 10:02:59	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 10:02:59	Name: last_visit_bc Value: 1646243829545
.thestar.com/	1970-01-20 10:02:59	Name: bc_tstgrp Value: 1
.thestar.com/	1970-01-20 10:04:26	Name: _vwo_uuid_v2 Value: D4B6DEBD9A5B16FDC1DEC92BBEE782C54\|5ef5e730d794c112602590b8dbb638b4
.thestar.com/	1970-01-21 03:35:38	Name: permutive-id Value: 8728fcfa-e5f4-4d84-a37c-98fdd8160448
.thestar.com/	1970-01-20 03:41:23	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-23 16:53:23	Name: _vwo_uuid Value: D4B6DEBD9A5B16FDC1DEC92BBEE782C54
.thestar.com/	1970-01-20 01:17:25	Name: _vwo_sn Value: 0%3A1
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 03:29:52	Name: pxid Value: 43589cc0-b3c6-45be-abaf-fd8f2ec7ca24
.thestar.com/	1970-01-20 03:26:59	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241646243829%3A16.93314089%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
.t.co/	1970-01-20 18:48:35	Name: muc_ads Value: c9f981a7-918f-4521-881a-c0fb4c8fa461
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.demdex.net/	1970-01-20 05:36:35	Name: demdex Value: 14695474953253224114300255948331748002
.adsrvr.org/	1970-01-20 10:02:59	Name: TDID Value: 1ae7decc-46f8-4697-99f2-3750ee691109
www.thestar.com/	1970-01-20 02:00:35	Name: AccessToken Value: idv2l09v2l38hq68g0sqx4ria7slqy4en
www.thestar.com/	1970-01-20 01:18:50	Name: ios-smart-banner-shown Value: true
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: d5c834af-aa2b-4cb2-c3be-c78596c894a6
.thestar.com/	1970-01-20 10:02:59	Name: _ig Value: bfe33a51-fb50-4f2a-fad3-8ac33a47612a
.thestar.com/	1970-01-20 18:48:35	Name: s_ecid Value: MCMID%7C14709582713658466894296593922401128616
.everesttech.net/	1970-01-20 10:02:59	Name: everest_g_v2 Value: g_surferid~Yh_v9gAAAIY5vwP7
.scorecardresearch.com/	1970-01-20 18:34:11	Name: UID Value: 13De97b95523e2728ddfb301646243830
.dpm.demdex.net/	1970-01-20 05:36:35	Name: dpm Value: 14695474953253224114300255948331748002
.thestar.com/	1970-01-20 18:48:35	Name: _ga Value: GA1.2.429284219.1646243831
.thestar.com/	1970-01-20 01:18:50	Name: _gid Value: GA1.2.1228874061.1646243831
.thestar.com/	1970-01-20 01:17:23	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 01:17:23	Name: _gat_UA-73335503-3 Value: 1
.thestar.com/	1970-01-20 01:17:25	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1646243830869%2C%22slts%22:0}
.thestar.com/	1970-01-20 18:50:02	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19054%7CMCMID%7C14709582713658466894296593922401128616%7CMCAAMLH-1646848630%7C6%7CMCAAMB-1646848630%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646251030s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19061%7CvVersion%7C5.3.0
www.thestar.com/	1970-01-20 02:00:35	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 10:46:47	Name: _parsely_visitor Value: {%22id%22:%22pid=47b08662c56060417f96bc446ff4cce6%22%2C%22session_count%22:1%2C%22last_session_ts%22:1646243830869}
www.thestar.com/	1970-01-20 10:02:59	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1646243831017
.rubiconproject.com/	1970-01-20 10:02:59	Name: khaos Value: L09V2LT8-1Y-LD4
.rubiconproject.com/	1970-01-20 10:02:59	Name: audit Value: 1\|naVuGyos1qoEyItOMRPbJEHau3iET1N0BmQvWiFCZkI/v2L5sO5vr95ML0+nBNAJZ5DH12jhCRGScjHPe80SWMxuhZpbWKLt+XD9g38/+iI=
.adnxs.com/	1970-01-20 03:26:59	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Ilkx82Qr!]tbP6j2F-XstGt!@E$x%!rX6
.adnxs.com/	1970-01-20 03:26:59	Name: icu Value: ChgI8ppSEAoYASABKAEw99_-kAY4AUABSAEQ99_-kAYYAA..
.adnxs.com/	1970-01-20 03:26:59	Name: uuid2 Value: 1863203928492679470
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: e57d3b9e-5919-4b0b-9c3a-a4f33e18eb38
.www.thestar.com/	1970-01-20 18:48:35	Name: ts_s_ecid Value: MCMID%7C14709582713658466894296593922401128616
.thestar.com/	1970-01-20 10:38:59	Name: __gads Value: ID=fa557e1443c254db-22837b1a52cd001e:T=1646243831:S=ALNI_MbQP5oXJHPZeaPyGsiTD7WBa5usLQ
www.thestar.com/	1970-01-20 01:21:43	Name: digitalAccessOverlayStatus Value: nextPage
www.thestar.com/	1970-01-20 01:24:35	Name: digitalAccessOverlaySubscriberStatus Value: nextPage
torstar.blueconic.net/	1970-01-20 01:27:28	Name: AWSALBCORS Value: dBSS+hc9D5uIAFp9yN9L1VFVB1pTWsbwgKQBG9axd31e3Z6vfrwj4uXHsdF3UVzx7QfOVrQVssLGvmTNca9MLJYxiBMi/ZYtsdOvR+/6y+Jfe3AMUpDRR3iw0Hmj
e377.thestar.com/	1970-01-20 01:27:28	Name: AWSALB Value: u//uE1tUY7RSuXbRvPXupb5VanUhjBHgMySIMVqXxEt1Ml5fyc9CpZLYkw6JS0qBSBU5vqTEA9eZIdFUIRvk9x0T3pPTWHXYlkXuud7yvZzVkOGrlh7NB2gCZLmL
e377.thestar.com/	1970-01-20 01:27:28	Name: AWSALBCORS Value: u//uE1tUY7RSuXbRvPXupb5VanUhjBHgMySIMVqXxEt1Ml5fyc9CpZLYkw6JS0qBSBU5vqTEA9eZIdFUIRvk9x0T3pPTWHXYlkXuud7yvZzVkOGrlh7NB2gCZLmL
.thestar.com/	1970-01-20 03:26:59	Name: _fbp Value: fb.1.1646243832740.1739664056
.doubleclick.net/	1970-01-20 10:38:59	Name: IDE Value: AHWqTUkq_9An1bMHQ0VjsI-qipsHjy9reI6Le_9HXNi5NthEg9xot3snx6pEyPMENAg
.facebook.com/	1970-01-20 03:26:59	Name: fr Value: 01kjAWvjVwwtvjn7w..BiH6_4...1.0.BiH6_4.
.thestar.com/	1970-01-20 03:26:59	Name: _gcl_au Value: 1.1.284600882.1646243833
.thestar.com/	1970-01-20 10:02:59	Name: _pin_unauth Value: dWlkPU16QTNOR1UxTjJNdFpXSTBOUzAwWW1VM0xXSTBabU10TldOa04yVXhNRE5sT1dZeQ
.bing.com/	1970-01-20 10:38:59	Name: MUID Value: 14D31B0080076E2A3DE10A5B81D56F96
.thestar.com/	1970-01-20 03:26:59	Name: _rdt_uuid Value: 1646243833296.68b03dca-0db1-458c-b372-cf1956e866fb
.thestar.com/	1970-01-20 01:18:50	Name: _uetsid Value: 307b65c09a5211ecb6777169e90d30df
.thestar.com/	1970-01-20 10:38:59	Name: _uetvid Value: 307bb5909a5211ecb642f7dcb4253c73
.thestar.com/	1970-01-20 02:00:35	Name: s_nr Value: 1646243833597-New
.thestar.com/	1970-01-20 10:02:59	Name: s_nr2 Value: 1646243833598-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.pinterest.de/	1970-01-20 09:55:47	Name: _pinterest_sess Value: TWc9PSZnNG5keWN0T252NE8zakhMN08yWEVkaENyUnhhRE5kTWlnK1hnSFY1N2NxUDRFTXc0NWp5cTNVZU5DL3pHQk85cVBnQ1hCMm90Zmk2Qkhxc1Jod1hvdWJ3d3M0RWhodzRNOFJOYnFSZ3Zmbz0mUjJselFNcmhBNkphdnRXQnFGcnIzYXZSbHNNPQ==
.c.bing.com/	1970-01-20 10:38:59	Name: SRM_B Value: 14D31B0080076E2A3DE10A5B81D56F96
.linkedin.com/	1970-01-20 02:00:35	Name: UserMatchHistory Value: AQJM1oo0UOcm8gAAAX9Lx2eRAjjH_2HyDNCQ0js-ldVrjqhwolQp3jeAi33S3gbtJZwEAresaSFE_Q
.linkedin.com/	1970-01-20 02:00:35	Name: AnalyticsSyncHistory Value: AQJ4YMu0oSjeywAAAX9Lx2eRm_RJIyat_kXfVQP7599uFNFfnZe804bspjaumD2-7xPj9liDt764R0snpVGkVg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:49:17	Name: bcookie Value: "v=2&9095954f-faf2-4e7d-8808-02963a947604"
.linkedin.com/	1970-01-20 01:18:50	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2418:u=1:x=1:i=1646243833:t=1646330233:v=2:sig=AQGHU0zhnMy3OPBiYUAWnB2dx6JntqTA"
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:38:59	Name: MUID Value: 14D31B0080076E2A3DE10A5B81D56F96
.c.clarity.ms/	1970-01-20 01:17:24	Name: ANONCHK Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:49:17	Name: bscookie Value: "v=1&202203021757137960083b-335f-4748-8242-5ea8c99485e9AQGhr9Oz0xBtXBeF_kPaZFIMhjGOc-1h"
.linkedin.com/	1970-01-20 18:41:38	Name: li_gc Value: MTswOzE2NDYyNDM4MzM7MjswMjH7pe+EmgGnoAAB6ZiALDEk6BEsCZEYm8WaNC3Iw7WefA==
.thestar.com/	1970-01-20 10:02:59	Name: _clck Value: s0a8yw\|1\|ezf\|0
.the-ozone-project.com/	1970-01-20 03:26:59	Name: ozone_uid Value: 25q9dEoSiskHYi8pC7xNmCfJQbM
.thestar.com/	1970-01-20 01:18:50	Name: _clsk Value: 1gqjlgf\|1646243834650\|1\|1\|h.clarity.ms/collect
.bidswitch.net/	1970-01-20 10:02:59	Name: tuuid Value: e7577567-1981-4868-b28f-34b781800e3b
.bidswitch.net/	1970-01-20 10:02:59	Name: c Value: 1646243834
.bidswitch.net/	1970-01-20 10:02:59	Name: tuuid_lu Value: 1646243834
ads.avct.cloud/	1970-01-20 10:02:59	Name: uuid Value: 1f9c659e-a453-456d-9825-5e09d04cf824
.360yield.com/	1970-01-20 03:26:59	Name: tuuid Value: 8ad955c2-f6ea-4018-be41-656b3e6bd764
.360yield.com/	1970-01-20 03:26:59	Name: tuuid_lu Value: 1646243835
.smartadserver.com/	1970-01-20 10:47:38	Name: pid Value: 5614830155309880594
.3lift.com/	1970-01-20 03:26:59	Name: tluid Value: 479715198273558496077
.ads.pubmatic.com/	1970-01-20 01:18:50	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 03:26:59	Name: KADUSERCOOKIE Value: AD9A1D79-A337-4F18-AE14-9EF09CA9397B
.pubmatic.com/	1970-01-20 03:26:59	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 01:18:50	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 03:26:59	Name: DPSync3 Value: 1647388800%3A201_197_219%7C1646265600%3A174
.pubmatic.com/	1970-01-20 03:26:59	Name: SyncRTB3 Value: 1647388800%3A56_3_13_7_161_220_21_54%7C1647475200%3A35%7C1648771200%3A203
.adsrvr.org/	1970-01-20 10:02:59	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwi6ytbtg6C-OhAFGAEgASgCMgsIusLZmpqgvjoQBTgBWghwdWJtYXRpY2AC
.adfarm1.adition.com/	1970-01-20 03:26:59	Name: UserID1 Value: 7070563436872726668
.mathtag.com/	1970-01-20 10:43:19	Name: uuid Value: 8b23621f-affc-4100-80c0-59add9ec2d57
.onaudience.com/	1970-01-20 10:02:59	Name: cookie Value: 14792d4192aab29e
.onaudience.com/	1970-01-20 01:18:50	Name: done_redirects219 Value: 1
.adform.net/	1970-01-20 02:02:02	Name: C Value: 1
.simpli.fi/	1970-01-20 10:04:26	Name: suid Value: 35C8019D4C1E426FBA65F00A24172643
.de17a.com/	1970-01-20 09:55:47	Name: guid2 Value: 1.3789303753791213705
.pubmatic.com/	1970-01-20 03:26:59	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 03:26:59	Name: KRTBCOOKIE_80 Value: 22987-CAESEJBVB18irgiVeEJso2d129Y&KRTB&16514-CAESEJBVB18irgiVeEJso2d129Y&KRTB&23025-CAESEJBVB18irgiVeEJso2d129Y
.pubmatic.com/	1970-01-20 02:00:35	Name: PugT Value: 1646243836
.pubmatic.com/	1970-01-20 03:26:59	Name: KRTBCOOKIE_57 Value: 22776-1863203928492679470&KRTB&23339-1863203928492679470
.adform.net/	1970-01-20 02:43:47	Name: uid Value: 7528565762967953554
.pubmatic.com/	1970-01-20 02:00:35	Name: KRTBCOOKIE_1101 Value: 23040-7070563436872726668
.pubmatic.com/	1970-01-20 03:26:59	Name: KRTBCOOKIE_377 Value: 6810-1ae7decc-46f8-4697-99f2-3750ee691109&KRTB&22918-1ae7decc-46f8-4697-99f2-3750ee691109&KRTB&23031-1ae7decc-46f8-4697-99f2-3750ee691109
.pubmatic.com/	1970-01-20 03:26:59	Name: KRTBCOOKIE_27 Value: 16735-uid:e802621f-affc-4400-9a35-45ec7271ff69&KRTB&16736-uid:e802621f-affc-4400-9a35-45ec7271ff69&KRTB&23019-uid:e802621f-affc-4400-9a35-45ec7271ff69&KRTB&23208-uid:e802621f-affc-4400-9a35-45ec7271ff69
.pubmatic.com/	1970-01-20 02:00:35	Name: KRTBCOOKIE_391 Value: 22924-7528565762967953554&KRTB&23263-7528565762967953554
.pubmatic.com/	1970-01-20 02:00:35	Name: SPugT Value: 1646243836
.pubmatic.com/	1970-01-20 02:00:35	Name: KRTBCOOKIE_336 Value: 5844-3789303753791213705
.zeotap.com/	1970-01-20 10:02:59	Name: zc Value: d76f876b-d542-4edd-4e5f-fcdaa49dc56c
.zeotap.com/	1970-01-20 01:18:50	Name: zsc Value: Z%90%C2X%2F%B3%3B%E6%B8V%FEs%E0%2F%7B%97%40JVkvs%8C%D1%1E%E4%3F%F5O%7B%89d%0AS%98%CD%1D%60%F5%04%0E%94%0B%CDY%EF%3A%D0%BA%3EXL%BB%C2y%27%5D%8E%DC%3F%12%94%C2X%978%9B8%80%B3%F4N%AE%95%02%3E%E8%83%E7%29%AF%FE%9A
.casalemedia.com/	1970-01-20 10:02:59	Name: CMID Value: Yh.v-IDEAAcjiAXo4VVBsAAA
.casalemedia.com/	1970-01-20 03:26:59	Name: CMPS Value: 5199
.casalemedia.com/	1970-01-20 03:26:59	Name: CMPRO Value: 1204
.casalemedia.com/	1970-01-20 01:18:50	Name: CMST Value: Yh+v-GIfr-wA
.sharethrough.com/	1970-01-20 10:02:59	Name: stx_user_id Value: 269b2464-51c6-487e-ac8d-adf966357209
.bidr.io/	1970-01-20 10:45:53	Name: bito Value: AAG_6U7EP2AAAAsg4jRTxw
.bidr.io/	1970-01-20 10:45:53	Name: bitoIsSecure Value: ok
.the-ozone-project.com/	1970-01-20 03:26:59	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIxODYzMjAzOTI4NDkyNjc5NDcwIiwiZXhwaXJlcyI6IjIwMjItMDMtMTZUMTc6NTc6MTcuMjYyMDAwMzQ2WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJhdm9jZXQiOnsidWlkIjoiMWY5YzY1OWUtYTQ1My00NTZkLTk4MjUtNWUwOWQwNGNmODI0IiwiZXhwaXJlcyI6IjIwMjItMDMtMTZUMTc6NTc6MTUuMTIzMTE1Nzc5WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJiZWVzd2F4Ijp7InVpZCI6IkFBR182VTdFUDJBQUFBc2c0alJUeHciLCJleHBpcmVzIjoiMjAyMi0wMy0xNlQxNzo1NzoxNy4yMDUzNDU0MDdaIiwic291cmNlIjoiY29va2llIn0sImdyaWQiOnsidWlkIjoiZTc1Nzc1NjctMTk4MS00ODY4LWIyOGYtMzRiNzgxODAwZTNiIiwiZXhwaXJlcyI6IjIwMjItMDMtMTZUMTc6NTc6MTQuODQ1Mzk3NzAyWiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiI4YWQ5NTVjMi1mNmVhLTQwMTgtYmU0MS02NTZiM2U2YmQ3NjQiLCJleHBpcmVzIjoiMjAyMi0wMy0xNlQxNzo1NzoxNS4zNDUyNTU1ODZaIiwic291cmNlIjoiY29va2llIn0sIml4Ijp7InVpZCI6IlloLnYtSURFQUFjamlBWG80VlZCc0FBQVx1MDAyNjEyMDQiLCJleHBpcmVzIjoiMjAyMi0wMy0xNlQxNzo1NzoxNi44OTY1MzI4OVoiLCJzb3VyY2UiOiJjb29raWUifSwicHVibWF0aWMiOnsidWlkIjoiQUQ5QTFENzktQTMzNy00RjE4LUFFMTQtOUVGMDlDQTkzOTdCIiwiZXhwaXJlcyI6IjIwMjItMDMtMTZUMTc6NTc6MTYuNDQzNzM2MTM0WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJzaGFyZXRocm91Z2giOnsidWlkIjoiMjY5YjI0NjQtNTFjNi00ODdlLWFjOGQtYWRmOTY2MzU3MjA5IiwiZXhwaXJlcyI6IjIwMjItMDMtMTZUMTc6NTc6MTYuOTc5MjM1ODc3WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJzbWFydCI6eyJ1aWQiOiI1NjE0ODMwMTU1MzA5ODgwNTk0IiwiZXhwaXJlcyI6IjIwMjItMDMtMTZUMTc6NTc6MTUuNTkyNzM5Nzg5WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjQ3OTcxNTE5ODI3MzU1ODQ5NjA3NyIsImV4cGlyZXMiOiIyMDIyLTAzLTE2VDE3OjU3OjE1LjY3MTIwNzQ4MVoiLCJzb3VyY2UiOiJjb29raWUifSwidHRkIjp7InVpZCI6IjFhZTdkZWNjLTQ2ZjgtNDY5Ny05OWYyLTM3NTBlZTY5MTEwOSIsImV4cGlyZXMiOiIyMDIyLTAzLTE2VDE3OjU3OjE0LjkxMjQ4OTIzWiIsInNvdXJjZSI6ImNvb2tpZSJ9fSwiYmRheSI6IjIwMjItMDMtMDJUMTc6NTc6MTQuODQ1Mzk1MjRaIn0=

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 155) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.19803206941974394, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 155) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.19803206941974394, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.19803206941974394(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.19803206941974394(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.19803206941974394(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 173) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 173) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4b1d429f-ab86-48d4-b587-310ac4b61a0d&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.thestar.com/api/overlaydatarule/2021-q1-shop-low Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=13739257-f7db-4fc6-9018-e4e5a6965e49&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=488764362634? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=488764362634?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3f711e90-3306-4043-a2a5-13ecd876f375&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-675db8b0454abf4a19391b907b259890' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' * 'unsafe-inline' blob:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
422516e89d6e74c9487991f18e937dcc.safeframe.googlesyndication.com
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.permutive.com
api.rlcdn.com
api.thestar.com
as-sec.casalemedia.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c2shb.ssp.yahoo.com
cat.nl.eu.criteo.com
cdn.parsely.com
cdn.petametrics.com
cdnjs.cloudflare.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
d5phz18u4wuww.cloudfront.net
data.ontario.ca
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
e377.thestar.com
eb2.3lift.com
elb.the-ozone-project.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.clarity.ms
hb.districtm.io
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.thestar.com
img.sportradar.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
misc.thestar.com
mwzeom.zeotap.com
p1.parsely.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel.onaudience.com
pixel.rubiconproject.com
platform.twitter.com
prebid.the-ozone-project.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
resources.thestar.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.pinimg.com
s.thestar.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sejs.moatads.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
spl.zeotap.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
t.co
thestar.com
torontostar-d.openx.net
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
uswidgets.fn.sportradar.com
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.pinterest.com
www.pinterest.de
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
104.16.68.69
104.244.42.133
104.244.42.195
13.107.42.14
13.224.189.108
13.248.245.213
142.250.184.226
142.250.185.166
142.250.186.162
142.251.36.34
143.204.101.224
143.204.101.28
143.204.103.127
143.204.98.119
143.204.98.19
143.204.98.25
143.204.98.61
143.204.98.71
143.204.98.86
15.236.176.210
151.101.1.140
151.139.128.11
158.101.193.158
169.50.137.184
172.217.18.98
178.250.0.139
178.250.0.162
178.250.2.148
178.250.2.151
18.184.187.38
18.64.115.128
18.64.79.176
18.64.79.97
184.30.24.193
185.29.132.241
185.33.220.240
185.33.220.244
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.122
199.232.136.157
2.16.186.8
2.18.233.180
2.18.235.40
2.20.85.164
213.155.156.181
23.37.38.181
2602:803:c003:200::51
2606:4700:10::6816:1957
2606:4700::6810:125e
2606:4700::6810:7caf
2606:4700::6812:551
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c06::9c
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::3
2a02:26f0:1700:5::5f65:1b5a
2a02:26f0:1700:5::5f65:1b62
2a02:26f0:1700:5::5f65:1b69
2a02:26f0:7100:1b2::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::396
3.124.249.183
34.107.254.252
34.120.133.55
34.194.161.83
34.249.87.8
34.96.102.137
35.157.246.167
35.190.14.224
35.227.252.103
35.241.9.51
35.244.159.8
35.71.131.137
37.157.4.24
37.157.6.245
50.16.19.147
51.104.28.77
51.210.112.63
52.139.4.139
52.142.114.2
52.212.211.89
52.213.253.251
52.224.31.34
52.48.241.99
54.154.22.197
54.170.158.38
54.194.228.85
54.75.68.230
63.251.14.3
65.9.84.101
69.173.144.138
85.114.159.93
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
02dd647cf98e249d624ffd3db638c04b1e0381bc3d34bedbbffa4a440eb3c4a4
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e01d2af841c8ba00def5ead6b3623eb3adada77612fddd47f3275b87b4c6c6
079e1954d6a209a39d6f85006b4059af195a1b183d84ce680d334b3f2eed7f29
07f354e68fa269c6d010ab5b550ff206146be59869ab0b6edc72110e36222c5b
083e5f5dd9c9ec0f2e9b6cc63cd154885d5fca95aa3129e8b35287756bedcd01
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
09462845220b3bb7780eee9a9e11a3b74563b18ab5c4760e279dfedb3f0e70b8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0aade1454de72aaab14b0ce231e3be92dffd5fe6ff7c1d97498612a0c377edd8
0ae0201e08be8b8552d7ac08ba3e249e90ed80a391af2702b9a9b5356cb8cae8
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ded1c99bde69115ece4def9e4baa32681ee9835e042f9ecfd17eaa6e812b58f
0f3cedb78854a6470a014f9de97fbe9efebd43b98a621fb9c0a4bc35181f8ea5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11234691fc0450764e544602024abafd61a6cb132c10b40cbd4a891966b95e82
116a9cea25d350fb25d20a2f63faf169205e6459a640da0a723185c6739ba8dc
1290a2fb659d16388f72789909d1adfff75db4fa5e2d746eea7d08aacb7ac23d
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
150faee39e08fa9a66c7bb8cd7fa8b0b4e50afe3b81e46e58457efc5111db1be
15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a
1793fbb2d9f477dfa738dbf9637bb175b41f2396b4b517758b48d4459bd2771c
182fb2b790fe5834246d223be4978a2e56d480b6d2226cb1df834519086205d8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a58ee399ba697d721a323f0bc891e435a5290e26264d032c5f3948efc2dbd80
1c450cef5d4daacc7643313f919fddbf4c2c1c2bbf8b975e1f5d1501c665599e
20c1bab68d479886e5c0adca071a6b5a45af440f8dc5942a200c2e4e14cae0a6
220e832c17c636425f1236af784d80f255053c80708b504c61b88184e01fe7e9
260b38b3e10e609b51bb1b37f534086eead8de6a611c0a4b5d60fcd4f4b5ce99
2663514a298880242dd66949e5b2455c7e18636ed98bc8939850a8a9dded2c33
26f928acdc0833bb3f2b2ee800faf18a22b26f2fd5b2185a44a7e1253853552e
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a5f10be4a30f300af1e28b2c396e62fad9b8299dbb3aec0b7d245fca3f8d478
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2fc18fcef06aac46b54b17c448ddbe62de7655da8466e9f5ba3df7d0c0829bb4
306a5803d8d3c092d2c56e3e4351171230585330e43ce1862b80f0901e58db3b
3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
35bfca9cb17fabaedc97a387d7ed8206148706c35d1f3b2cf4d9df557eba90f0
369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15
36e075c51ae181c6e0b0b9a2c5c1ed9ac43a85e2603a0549d5673a54c5e536a4
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435
38430411c36328395dd2ab761e472f440428adfb2cab8dc2cb9ea1c3a0539b93
399b384fb6898e59e43879a84599f32789d6ad791a7bfebab2bc8f77a21a90be
39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177
39f1f182906b66e1b6e4123a91342b4ef4739d462effffb3b0d103eec0960f0d
3a987e583eef56a40342ea5b1575420720c28eae3f5299fc9cd4ff02204a45cf
3c831f7e42e384311b76d705810df55cee94394a65d9a96e8d496de85d5753bb
3db3fdae0e2be13c8acc57ed679246d27616e65d48bc7f2b050b21076a13c452
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ff94ea6a748276dd8c567b3607fc4948be0f17bd4352a162e33fd06bd8f8e9d
4123ba54d1312843c17edec42aeba136c7286dc63d58c3405130c62fd703c8d1
421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff
4286da091b204ca52bb76d97556d3cd69edb29f6c507e4b094708fd35e65f628
428aaa2eacaf2f231b2ec36e7f771d7df7253cfdd405ab2e9571fdbe47346766
43489af29315e182856bd685824accdcbe1585df683d98f7eb6021e874959bf1
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4b4755891f4348259eb539dc24de8619237f19734d0e34f8ffe73ae3d4a8e93c
4d5e9c4a826a6ad8864c2dfb2a8be7fe1783ff4f96d815cd6a54d944828e14a6
4d96588a3687a67b35d69ca24bab05433cebd514f1d5b9c901d4ea7577fce5b2
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4dbad609fb1a658b9f27db7365cc402d07471d9d6c4b0b92963c1163197f1633
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5019e40a161c71cbf4fc8b1fc0a1809456b3cfc7fc93eadaf7b374cdb0cb9c60
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab
5256e20d2385d02616639e72c3bc01f6b1ffbe75c2838d82cd25b93d0a35e1a1
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
53aab754cc86f439fc2e1afd76a6add9a96ea925cb67e8e3a8f702234b83a452
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
542371cadac2900fe706a2cb72ef579531e1fd5c4035dce4da345ddaadcbe05f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5ab4aef68986f860852f64d71bad5506b519177d2e66a88b615e4edb9cc4720c
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4
5f1ed7b9a8695bfcc37c4d87a902dd64d555eec8a33c7110ad93d32fe5ebcaf7
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624046a7e355e4f996c400a55684f0135e0ee18c2b095b13c99cbdeb614157e6
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64973f8143c26a348e89437e49465683d92ce75f451d08f9eaafd9c1bf0531b7
64bdafcc03962457a8abc24b3855724a936c31bcbf6931c08cf0ed16bedb4b62
64f4a24edeb6cb233fca0c37d397bf1354bcfa87068c52460300964719694268
65a920c6d9fd91d001f8e031df67a2013e897cdb7a5241bfd8f32b669c0d3063
668e63028ea3fcd991fdc6ba68efe5684dcd3762cdcf355ee8f502ee75f8318a
669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0
67aad7b412ec1804e1fd92283a653c59a297d5f6560f87432509ab9514821cec
67cca4b071753dd0cf9080fffb6cb95f42c033a3c03aa439335f93fab9b26b06
67ccae70e1297c73eb31fd496d63cee380287cfbbec49b3fa7fcfe03b0a1a0e2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69822432c4a83f7f2d9f1a824f0004131dff075b4109bfa38917cca830ffcc8e
699cf7a12efd44b9591489ee64228f27f3606ca53fbc58e66c209f755304de23
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6de040a118c57cf5ecbe6eac67f1a83f0951a91d868e758c83d8505a21791c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0d014befca5d4f2e102e2b9c7cf4c4b80e3aec23c26dfe2c231370b38351e9
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6d1ee8dd949061f0b206870ecbd879de6422ac646160caf3e4a60ee7e8d363d9
6d69fb5b892e212e10a2348655327a79e805eb0540f4ea65c41a6c552de88a3a
6f6988ad6bc455fd5f1bb30136babdca221ca4fbd74d709bfc58b5b2d71e54d3
706d49f7a3a3c42b99cd147bd7e965badbf05c4a1239e9925617c8c8124fc25e
72567baead75b7593c93944704258e62ff7dc603137a401a9a1768244015e8d6
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749e63827d1bd3174c55371ebbd238efbfefeb200ebc54cb970721f363e1a8c6
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
794f815439957a99ba5c28299d021fcc1b062b687ab8306ece58727baa2f147c
79ce610818bfe7e77f546e909f73d4b6837c658936f1bfdf70a2d12ae18e1f5a
7b3f0b2631c4fa1470c4eb636fa850e0dcc46229ccd2105941e9010fe572f9b1
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c62fcad0441be78e9e3420ec5618f8251614ea689ef0a4caa4f5973e01d1b91
7ecfa33b6f6ed8cac1ef941a448d08af4404dd3c31a8357bdda46ed94674a9d0
7f39c4f76ed7711e97b4e383512d4a5644174e8e7913e3d245c737ea642658c9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85dc5933773fe809c2f8b8ddf4ba9ebfd7e46135d0c9a53c9998918284378c1b
86d3e8d17d8229a49b74037fbcf3768145e11b9dee7fce43a73ae4e24c43b654
8a06b10450bc4cdfda049f485cd107555aa55099901503350e0d389d9d747e14
8bae5fafc8928ed931abdb779e429b10201b37ce44793ad1a7afcaae33d174a9
8c599331598210e5f6d017ba1316dc0f40ad4e6bbeb93428662f61ce270bbe2b
8d4de5d3fbe4bdf3eb5ed09e4cb9d937a8fdaa89f4015a5b417104413eebc219
8dbd77a107ff4b54425a19c0ec6009197d28068a81d5f0a72bd165dfd70ac511
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
966f2d8e2766a8f32b05dbb03e2a9a08b750541f0ee58222d498d85a527a7b2f
978c53a19c758acc7d32908249db983eba9c0614182106093ef72fc97630fc86
985f2302220a754d88db894391711dbc1e9ff6727ee5ccacf94a5afbc65189e3
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
9d768f155ac9452db2a2b5a092375c4702ca8ddc063e4ab1b8133a4bc5fa330d
9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a09f38091d15ca9b049a00ccfba49c40c8cec227fbcdcb7942830d56e94660af
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a30f835d91cea7927536ed6a0e593181939cfb1d4e1c091e875851904c41c350
a368e10f98f84b85990d81f4ce950fdb97ff8c229b3370eeb8755b866dff0956
a4710df14dae0b64228f35cb191eb22dcb76d89978d5fb9343ee927f1ac7fd1f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e573a0c780cefc9cb73c58ffecfed899d61cb7ad8b58a4271a5712e5f03d9e
a6528cea35676a1347adacf576193c7b9e569eed3bb1a45592aa275080a32568
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a6d28cc2f21d315f8a31925d7d7c23a9e501bd449968121eea996068fa116e64
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f
a7b6865322d4a5f8d466a5a5a7facaa4565dbd62b1379e8c95ccbadb13be055d
a7ddca6621cb1e23f76063db28963bb4f5b536799594ab7882b1e87d179673ca
a826dd0efdf2b192fdbd52732aefc638787451b4a8dd068cf4920038d24cfeb0
ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc
ab5ed08f4ac517fa3c6b8a41e91e16d448a67ff16bbf376944907ca191572de8
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf47ed08e03deb30050e6cc80f2972698f083352e87deda1ef3f3b1bef79e1a
aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a
b05a7a92796b7d629cd6a3c9838dff6c958fbe50af892f0aa18e7073a11fc984
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15bfcb7eef810d120f48e515fdfe034658979bec7510858e9243afa20b7ba12
b2d56ae19a0864a4af697ce4763059d264a86f829065b108cf06a3ff07befd49
b2d649e08bfa685736d62cc59f9109bfbec9b8b36406dc2e44acd5c799bc5248
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b43ea262a6cdebd2400b4fb4cd103dbe409e096a26e0b2645331427561d02bbd
b4494150f2ec9151db29f73739163f283ef929c2d19efd5cf60591606fccff5e
b57f725f6b1aecd8d59b0d381be391e9e062201b86aab776492fecb6cf5f45c0
b6f14efdfab101c289263c3ac0fe66db4626cd40980defd239a481c42a172ebd
b707c3ff25576033c25bab0f9838b03189a4f3ff3a673e33ae67aff873784519
b7137c9dd3ed5bb412e0eab7346f3a06e95fb088a05cc07e5024c7c6c16b90c8
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b8e8734d09cbff47f0afe26e91200cd19071e79647f718cd7b5c2ba16a13ebf7
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
b9c0d88cfeb8ebddd5a9fa0e9fd03aac5972057ef6a5f0cbfaa376035ded7089
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bc78fbf3455e789da820a7c96da836fe0722a6fa4474299138a49b64d615bef0
bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
c05389790ddead1de4778aaeacbae24fe6c43f9734d3b5b7eebea922056adda8
c13ea2a6f811eb634d2df42d51571f58e22bcab88fac072423da56b7ac8c8fba
c36c6f551681b3395c38bf70e2a7f00932eff590d253e9afa3795c45627e744a
c413b818072b4ccdefbf377c65697fe637fa45fac40474f98102473e2c03eb11
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4db364769a1dd877f0f81ba1b8c32de72c4412a9fad3ba3e399132f6f829922
c55ab94663950bcc6ec0f871121505fbd77bc6305a36763ac9dda6b7b62a9d36
c726b8850dc382c184006a679748698f6b83517e6d8e186f953c73d5c936e697
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
ca5bb78c8ce1697079eb187106c54e3deb6a3da3754546764aef9da6b3058227
cb21781348e580936fad6fb142d4064754f387ca49ca3efc143e033e097e2c9a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4deedbf83f4df152489ca7381d0f65ea773db35797db9acf290cb65f1f97eb
cfe210b9b960e92d867cb501ba3cb9b03c4c66b816dd2427566bed986fb1c00f
d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174
d0f23a331506a03dcb1b8b6b4c6e30bacb8fcc76edc434345d95d85e2ae30d6b
d140bd1114beb04dbe5c1c14868ddc02baaab1eae7b704301abc2e5a338930af
d217301d1beca280818807958c12328fb84bdbb1bc7c23702276124c00a4bd9e
d21cdd2d2f8a1dad3f6e38a8fef966c2695eea4140b6445372215c156751fd91
d2e51e8c3b0430a1d867b268d4758a67d54fd5f7a292e888177bf55310f3c715
d3ebe3e2456ef413fc93c8c3f46f7189211707199ee0af7039e5617103225159
d4a5c90a048bebcddcc6b7e41008af3f42bb578a6d75438bce4e05da12b57c94
d53269cece5480dd8e11972ca5c7502d1a948368aa60f8890b0472b53db11720
d56d3e71b2453fa9b46b097ce633355e153b3b205e5d779d8c4bdb6c4458687b
d5bcde338aeba0acd272564af6d9a209e8728793e81841a879f762c8a0d3ddb7
d5c17b0c1557fdf36970bf486eea3b820f5b7a2233b6cda1adb39e66bddb8515
d731ce0b39bed4db001d2e913540143fa96dd0d8dc9bc958e61e84182a6765de
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d8ce4c8e8dcb92ce4c911e4cf3bc7c0e43e4d8dedd2131283b680776f53a7b83
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d
dca1bc36a8a32a678c9f4581ab791c3aef4067c69aad64f1076addcc3d9a93d7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de58c69041bf75e35d8a15240cda0f5ab8a65ed9c8da8a977e9157d415d6edab
df1f0d441735711ba9b957f1cb92c15ed6041a121d0e9b26ea0048947feabebc
dfa59124f99a0503ec4d75f66a682c6f863b7e6c8c8c1b3de1edc6bea476d79d
e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2d152da0653972f7bd485903e05b40c0663ce2f550b7b01f7985a6d52497910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46b9e4d144efee02d2f026f52eb9f68cf716da6f200bdc5b363f414778ed07c
e48c7778a0a8dae4dddef0b1cd2b30ac62f2704bcd5b9b2a919496fefdfe1449
e4cfbbe3f66b492889fac1a5d73d4cbbacf99b03474a230647f32fb3233c00c0
e566a8b4082a79a2e8d8e6aa5f580c26e57c29d5b28e0482faba77b9f1f1c4c1
e772888cb9cc4cfd6bec4aeb1e8ccc45fab461f1bf561e1e090a9da3542a1267
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef961ce80d0ba120ad7a16c2822212d6e9c05335cedf13beea518c33dee64e7b
ef97bea950115c40a0ee7b72fd9bd0956571f53293a50e200d340a3b9104259a
f1569ca221d3f5b8a4ddd6cd837e28a46d26d943e2f2498de31cb68c4a41b723
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f527a7f359e6e32d3d50f88b37a50d0bd595d6b1339e30b66eec8d2ae42410b4
f5982677de1f40a49f1034f8445c6ff1105609272e710b12e2f8e807e3866cd7
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f639b2ec714147b50de4fc0fbd90face3858639cb388a2b75947e3f6518e8045
f7adc9854b18ed2c0213f6dd1953be1daa7dc6c473dc6089da80aba7b3444e08
f8c5f275c7bae3a0e164ac1c8fd7da541bd0d0865a835a82edf3bdf88f059112
fa7f4ef68cd9151b94b838bcfdd962da1dac35c9f8885e14b5c9379a562aadb3
fb2a8c61b4b24e06e7dbfb3408b059026e09747e07e7ab87c278961b7f10b67c
fb41f9cc4a0181dce6bd0b641f979e408e26f661bb564c1ecdcc94918cc54439
fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc
fe44aee88b4b9b6240dbe438478db44b06b6362800895eadb75b91e754dca33e
febce070f70d4d8216c9a0da08d3938ded160cfb3eea58b7ba57340cad506d13
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
fff9c7b02c83d7dd42423a7c4c9df87bb97fb7c1511ce239d3e12963ecf2db3c

www.thestar.com Open in urlscan Pro 143.204.98.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

360 Requests

93 %HTTPS

28 %IPv6

73 Domains

125 Subdomains

95 IPs

12 Countries

5119 kBTransfer

17520 kBSize

121 Cookies

17 Outgoing links

Page URL History

Redirected requests

360 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
143.204.98.71 Public Scan

Screenshot
Live screenshot

Full Image

360
Requests

93 %
HTTPS

28 %
IPv6

73
Domains

125
Subdomains

95
IPs

12
Countries

5119 kB
Transfer

17520 kB
Size

121
Cookies

360 HTTP transactions
1 data transactions