www.thestar.com Open in urlscan Pro
108.138.17.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://user.omidrezaei.click/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On April 02 via automatic, source certstream-suspicious (April 2nd 2023, 10:10:43 pm UTC) — Scanned from NL

Summary HTTP 433 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 97 IPs in 10 countries across 77 domains to perform 433 HTTP transactions. The main IP is 108.138.17.76, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 76513.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 27th 2022. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	79.132.128.78 79.132.128.78	58329 (RACKPLACE) (RACKPLACE)
5 60	108.138.17.76 108.138.17.76	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:224... 2600:9000:2240:5a00:16:970:b940:93a1	16509 (AMAZON-02) (AMAZON-02)
20	18.66.112.98 18.66.112.98	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
23	13.225.78.98 13.225.78.98	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.47.187.31 143.47.187.31	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
13	18.66.97.65 18.66.97.65	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.198.148.95 34.198.148.95	14618 (AMAZON-AES) (AMAZON-AES)
7	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	13.32.118.30 13.32.118.30	16509 (AMAZON-02) (AMAZON-02)
1	52.222.250.165 52.222.250.165	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 3	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
6	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.255.162.196 34.255.162.196	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
30	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	52.48.226.112 52.48.226.112	16509 (AMAZON-02) (AMAZON-02)
2	15.236.117.205 15.236.117.205	16509 (AMAZON-02) (AMAZON-02)
1 1	54.72.144.202 54.72.144.202	16509 (AMAZON-02) (AMAZON-02)
19	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
15	104.18.43.178 104.18.43.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a03:b0c0:3:f... 2a03:b0c0:3:f0::1bc:5000	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.9 13.32.121.9	16509 (AMAZON-02) (AMAZON-02)
25	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb39	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	34.120.23.223 34.120.23.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:143... 2600:1f18:1430:9001:ab67:a243:7f3:713c	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:1a0::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
3	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	2600:9000:20e... 2600:9000:20eb:c000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.247.205 52.222.247.205	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.75.26.198 3.75.26.198	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	52.210.163.253 52.210.163.253	16509 (AMAZON-02) (AMAZON-02)
2 2	52.51.127.121 52.51.127.121	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.184.93.146 18.184.93.146	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.127.130.178 3.127.130.178	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.13.138 52.214.13.138	16509 (AMAZON-02) (AMAZON-02)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 2	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	34.248.100.85 34.248.100.85	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.236.117.9 54.236.117.9	14618 (AMAZON-AES) (AMAZON-AES)
3 3	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	37.157.3.30 37.157.3.30	() ()
1	216.52.2.39 216.52.2.39	() ()
2 2	185.80.39.216 185.80.39.216	() ()
1	198.47.127.20 198.47.127.20	() ()
433	97

1 79.132.128.78 (Naaldwijk, Netherlands) 1 redirects

ASN58329 (RACKPLACE, DE)

user.omidrezaei.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 108.138.17.76 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-76.fra56.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2240:5a00:16:970:b940:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 18.66.112.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-98.fra56.r.cloudfront.net

z737.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 13.225.78.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-98.fra2.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:af (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.47.187.31 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.97.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-65.fra56.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:890 (United States)

ASN13335 (CLOUDFLARENET, US)

static.app.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.148.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-148-95.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.118.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-30.fra60.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-165.fra60.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.162.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-162-196.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:26f0:6c00::210:bb43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.226.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-226-112.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.117.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.144.202 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-144-202.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:b0c0:3:f0::1bc:5000 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

events.kumulos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-9.fra60.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:26f0:6c00::210:bb39 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com

engagefront.theweathernetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:1430:9001:ab67:a243:7f3:713c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pixel.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:1a0::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:c000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.247.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.26.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-26-198.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.163.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-163-253.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.127.121 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-127-121.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.93.146 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-93-146.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.130.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-130-178.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.13.138 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-13-138.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.223.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.100.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-100-85.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.236.117.9 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-117-9.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.253 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (None, ) 1 redirects

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (None, ) 2 redirects

ASN- ()

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
121	thestar.com 5 redirects www.thestar.com — Cisco Umbrella Rank: 76513 z737.thestar.com — Cisco Umbrella Rank: 325845 images.thestar.com — Cisco Umbrella Rank: 126457 resources.thestar.com — Cisco Umbrella Rank: 229732 s.thestar.com — Cisco Umbrella Rank: 352834 api.thestar.com — Cisco Umbrella Rank: 381276 pixel.thestar.com — Cisco Umbrella Rank: 452935	2 MB
63	sportradar.com widgets.media.sportradar.com — Cisco Umbrella Rank: 59200 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 73822 img.sportradar.com — Cisco Umbrella Rank: 42606	871 KB
28	google.com news.google.com — Cisco Umbrella Rank: 5830 region1.analytics.google.com — Cisco Umbrella Rank: 4000 play.google.com — Cisco Umbrella Rank: 31 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90	169 KB
24	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 12528 csm.eu.criteo.net — Cisco Umbrella Rank: 7853	545 KB
20	gstatic.com www.gstatic.com fonts.gstatic.com	793 KB
20	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 12481 query.petametrics.com — Cisco Umbrella Rank: 13463	72 KB
18	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 ad.doubleclick.net — Cisco Umbrella Rank: 172 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 555073 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	179 KB
18	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 16368 elb.the-ozone-project.com — Cisco Umbrella Rank: 7542	88 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	63 KB
10	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 509 image6.pubmatic.com — Cisco Umbrella Rank: 779 image2.pubmatic.com — Cisco Umbrella Rank: 999 simage2.pubmatic.com — Cisco Umbrella Rank: 733 simage4.pubmatic.com	27 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	511 KB
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 50425	27 KB
6	permutive.com api.permutive.com — Cisco Umbrella Rank: 2000	773 B
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax.amazon-adsystem.com — Cisco Umbrella Rank: 412 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 964	60 KB
4	adform.net 4 redirects dmp.adform.net — Cisco Umbrella Rank: 3290 c1.adform.net — Cisco Umbrella Rank: 584 cm.adform.net	2 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2236	3 KB
4	criteo.com rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 26061 ads.eu.criteo.com — Cisco Umbrella Rank: 7796 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9585 dis.criteo.com — Cisco Umbrella Rank: 718	59 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 400 www.linkedin.com — Cisco Umbrella Rank: 579 px4.ads.linkedin.com — Cisco Umbrella Rank: 6196	5 KB
4	kumulos.com events.kumulos.com — Cisco Umbrella Rank: 110118
4	google.nl www.google.nl — Cisco Umbrella Rank: 8940 adservice.google.nl — Cisco Umbrella Rank: 14602	1 KB
4	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2812 p1.parsely.com — Cisco Umbrella Rank: 2202	26 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 836	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 407	12 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 933	3 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 215 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 300000	5 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	3 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 940 api.btloader.com — Cisco Umbrella Rank: 1036	7 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 302	688 B
2	weborama.fr 1 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 23417	521 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5011	562 B
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 4388	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	529 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 387	797 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	965 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 552	1 KB
2	360yield.com 2 redirects ad2.360yield.com — Cisco Umbrella Rank: 13413	682 B
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1557	673 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 774	18 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	257 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	177 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	76 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1016	1 KB
2	cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	2 KB
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 333557	2 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4625	2 KB
1	lijit.com ap.lijit.com	277 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 804	610 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 805	265 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 712	587 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	736 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 533	355 B
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2096	307 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 340	239 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1591	462 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1030	6 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1590	157 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1000	373 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1446	8 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 853	5 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 687	723 B
1	t.co t.co — Cisco Umbrella Rank: 525	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 701	15 KB
1	theweathernetwork.com engagefront.theweathernetwork.com — Cisco Umbrella Rank: 2261	309 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1008 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1165	517 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 394549	393 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 483	54 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 79639	789 B
1	app.delivery static.app.delivery — Cisco Umbrella Rank: 58108	32 KB
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 301128	442 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 294282	144 KB
1	omidrezaei.click 1 redirects user.omidrezaei.click	308 B
0	districtm.io Failed dmx.districtm.io Failed
433	77

	Domain	Requested by
60	www.thestar.com	5 redirects www.thestar.com
30	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
25	img.sportradar.com	www.thestar.com
23	images.thestar.com	www.thestar.com
20	z737.thestar.com	www.thestar.com z737.thestar.com
19	query.petametrics.com	www.thestar.com
16	www.gstatic.com	news.google.com www.gstatic.com www.google.com
15	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com static.cloudflareinsights.com
13	imageproxy.eu.criteo.net	ads.eu.criteo.com
13	resources.thestar.com	www.thestar.com resources.thestar.com
10	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
9	play.google.com	www.gstatic.com
8	www.google.com	www.thestar.com www.gstatic.com www.google.com tpc.googlesyndication.com
8	uswidgets.fn.sportradar.com	widgets.media.sportradar.com
8	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
7	news.google.com	www.thestar.com news.google.com www.gstatic.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
6	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
6	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
5	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.thestar.com securepubads.g.doubleclick.net
4	a.audrte.com	3 redirects ads.pubmatic.com
4	cm.g.doubleclick.net	4 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	events.kumulos.com	static.app.delivery
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ct.pinterest.com	s.pinimg.com
3	bat.bing.com	www.thestar.com bat.bing.com
3	p1.parsely.com	cdn.parsely.com www.thestar.com
3	www.google.nl	www.thestar.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	unpkg.com	2 redirects www.thestar.com
3	ib.adnxs.com	2 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
3	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
3	sb.scorecardresearch.com	1 redirects www.thestar.com
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
2	ssum.casalemedia.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	1 redirects ads.pubmatic.com
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	simage2.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	ads.pubmatic.com	elb.the-ozone-project.com ads.pubmatic.com
2	ads.avct.cloud	2 redirects
2	match.adsrvr.org	elb.the-ozone-project.com ads.pubmatic.com
2	eb2.3lift.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.prod.bidr.io	2 redirects
2	ad2.360yield.com	2 redirects
2	rtb.openx.net	2 redirects
2	63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	10230056.fls.doubleclick.net securepubads.g.doubleclick.net
2	px.ads.linkedin.com	2 redirects
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	www.facebook.com
2	api.thestar.com	www.thestar.com
2	connect.facebook.net	z737.thestar.com connect.facebook.net
2	region1.analytics.google.com	www.googletagmanager.com
2	s.thestar.com	resources.thestar.com
2	api.btloader.com	btloader.com
2	www.googletagservices.com	www.thestar.com 63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	ad.doubleclick.net	www.thestar.com
2	ad-delivery.net	www.thestar.com
2	torstar.blueconic.net	z737.thestar.com
2	dev.visualwebsiteoptimizer.com	www.thestar.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	ap.lijit.com	elb.the-ozone-project.com
1	cm.adform.net	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	match.sharethrough.com	elb.the-ozone-project.com
1	ssbsync-global.smartadserver.com	1 redirects
1	pixel.rubiconproject.com	elb.the-ozone-project.com
1	crb.kargo.com	elb.the-ozone-project.com
1	static.cloudflareinsights.com	elb.the-ozone-project.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
1	rtb.fr3.eu.criteo.com	www.thestar.com
1	adservice.google.nl	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	alb.reddit.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	www.redditstatic.com	www.thestar.com
1	snap.licdn.com	www.thestar.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	analytics.twitter.com
1	t.co
1	static.ads-twitter.com	www.thestar.com
1	pixel.thestar.com	connect.facebook.net
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	engagefront.theweathernetwork.com	www.thestar.com
1	fonts.googleapis.com	client
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	z.moatads.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	btloader.com	www.thestar.com
1	static.app.delivery	www.thestar.com
1	torstar.gscontxt.net	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
1	user.omidrezaei.click	1 redirects
0	dmx.districtm.io Failed	elb.the-ozone-project.com
433	120

This site contains links to these domains. Also see Links.

Domain
pubads.g.doubleclick.net
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2022-09-27` - `2023-10-19`	a year	crt.sh
*.the-ozone-project.com Amazon RSA 2048 M02	`2023-02-24` - `2023-12-20`	10 months	crt.sh
z737.thestar.com Amazon RSA 2048 M01	`2023-02-06` - `2024-03-06`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.blueconic.net Amazon RSA 2048 M02	`2023-02-28` - `2023-08-06`	5 months	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2023-02-13` - `2024-03-16`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cdn.liftigniter.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.prmutv.co R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
widgets.media.sportradar.com R3	`2023-03-07` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M01	`2023-02-24` - `2023-07-04`	4 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2022-11-16` - `2023-12-18`	a year	crt.sh
*.liftigniter.com R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
fn.sportradar.com R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.kumulos.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-03` - `2023-06-02`	a year	crt.sh
img.sportradar.com R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
engagefront.theweathernetwork.com GTS CA 1D4	`2023-03-01` - `2023-05-30`	3 months	crt.sh
pixel.thestar.com Amazon RSA 2048 M01	`2023-03-02` - `2023-07-07`	4 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: 65266F8CCCD7F3631037D7751D821DC9
Requests: 311 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=466798&publicationId=thestar.com
Frame ID: FF4A18DC9EA95D5C58A13EB2E727D7AA
Requests: 15 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 30061F5278738BFE9E2FD7218269CF76
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bh6sccojlwzj
Frame ID: 34B95696E7A86A9AB359AC4024918664
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
Frame ID: BDB26FF3CDF0AD6751A219B072EB7D87
Requests: 12 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: 6FBD531F0AD8DB5B6AD3AC4CC0779663
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CE412E8FE8872BAEB01A9EA18C854982
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9D367C2B1A091922080798D0BB58B031
Requests: 1 HTTP requests in this frame

Frame: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8D6726935C5E035ADF3ECF932E6DF680
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D29A8B2348D36B118AD57F9D6169E21
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3700B75F0D7B711164C498A800E6D4DC
Requests: 2 HTTP requests in this frame

Frame: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DA2E85316011B4050F1A83EE5652FDDE
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCn9XQAMnXUIu8XxAA2GzzZAyt-b5Bcz4YAZMQ&u=%7CwLpuj1K698j0MfSa%2FYgCDvRO8b%2Bz66rUnJjfs42k0Aw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPY5gX1M2xsaUF6cPamj4xuFGEjE3lNdxVCvLnZ06gfA36JB3WUBt-FONX0kpZetYHg9aGIk9hfwAPrsDzVdSsHd-xdtnnZ4WCUsumJoOJXaOSXC46v9TVGYVxz_A4VV3DWnr2dhiSfB3f0lXBNBmiFeo01uNV4iaXMZ5X3a4tM3wlkbYpwD1N1bQTF0JEfh5C2w7onAPE2Rx7A9AlAwtcDkX3TmFVWkp45J2w_qZW2jQ-z8dI8Ypuk36Pd9MFk5GGuI0K3_BrclBhoMXFj1B8SOd8YKf1AfLoHkdMPMa21lBitN2rc_3VFUquOWtppFP9VF5dMcjzhwhS6Hucp8PGyHfq4s1e2GcyYMg5xOWt1H7snybDR3hudqM-5H1kIh8B0DJHZlXnExSNTYAyCX5ZaAD8qrfArZ0ej8K0nOnY1na5D_jtTAWnrNVZRleJiE2VH0QvmTvbqR37YIGpMQZpMpahk1TxN8eEgQZtZBzOiXudUu6rp79AWLzhIuaxou-sgRYVNGieF6_0G9rTiz-jT-et60OhSaahLT6W8sVqolRTxSKn_0V6dO5Z5NKo9S45oVGu6l1kDTDd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQYY0Xf0pZPW6MvGL7_UPz422gAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakC56MY7Ykvsj7gAgCoAwGqBKUCT9BCFg2fKoadi_2mGePQRrNbZwcDTDwuzfU41aYH7Brp-yOMp062g03GmjQrZ1f-m3VzcYyO8Qo9fu4F6KkFnzW81HStwtYmdMRJv8caH2_Y_RvV_utbJonwXVfqA6k1j5p4cb1BmLrVX7xyL0-cCG7ALMluNYmuF3ZnEifBbAVDn7iuMSg2t8fvN3GpsKbuHPDBkRTNuJApmCSyqvkzjNqlNoDFIJHM3B4oZNqHKpZhg97qvPk4771hTQG9GH-uL3sKA4LLoFqIaWfz5rwfDYFReRpEFHmWxxOH5kUafJ8G-vOl50HIQQg1vAHCR0tsd0W6TsRxa3wvdjQeaPcLCmfeA76_FyqKwE2HIGK4ZOZF5Ejbeva8DUb4LBcw7IlPjquu_pvgBAGABv7gi67Yl-yrCqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Vta2G-7BHU-tLWKtOdB-XvgKxUQ%26client%3Dca-pub-8188431425509997%26adurl%3D
Frame ID: 25EA077DD561942A6543A16A355F9F8E
Requests: 27 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Frame ID: CBA698198BAF957A0E8FF179C4F4481B
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 05E3DD1E508C95684F942075B27388CD
Requests: 12 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6577079151584028122
Frame ID: 95B026295ECD8D7E8975FB14AFD59FFC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7dd66429-fd61-4900-8c14-a2c31626a806&gdpr=0&gdpr_consent=
Frame ID: 9C5B169C6AE315F41668236D66928422
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0D7D0FF1ED533FB2482CE23C0E986B93
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs
Frame ID: 6B49DD66FEA93AF5F9A486128686441B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: F20A353879B6836F90AB857723660315
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Toronto Star - Breaking News, Toronto News, Ontario News, Canada News

Page URL History Show full URLs

https://user.omidrezaei.click/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

433
Requests

93 %
HTTPS

40 %
IPv6

77
Domains

120
Subdomains

97
IPs

10
Countries

6547 kB
Transfer

19580 kB
Size

111
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5985467267&iu=/58580620

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://user.omidrezaei.click/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@3.3.0 HTTP 302
https://unpkg.com/web-vitals@3.3.0/dist/web-vitals.iife.js

Request Chain 81

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680473434506&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680473434506&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9=

Request Chain 89

https://cm.everesttech.net/cm/dd?d_uuid=41599954897915910414022698319737780647 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZCn9WgAAAFExugMx

Request Chain 166

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

Request Chain 167

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

Request Chain 168

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

Request Chain 169

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2 HTTP 302
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

Request Chain 170

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 323

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 336

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1680473437193&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1680473437193%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1680473437193&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1680473437193&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKlt5IxBtgm9gAAAYdEBbYI9PgR05QxCnu-hJYgL9TOJuOCRsIBTEdMaMZPMvGwNEbTmNyUnQt9ozdW9Yk

Request Chain 399

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=013bdc42-e008-463c-8ead-943c4940b392

Request Chain 400

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=67dd5b74-4ee9-4fa6-9aad-385373f551e0

Request Chain 401

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAHzXk7IU_sAACFD2RagfA

Request Chain 402

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7589882093566038755

Request Chain 405

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=ae684a93-6218-48bf-a8f4-b53a4d47722b

Request Chain 407

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2304783842742512099570

Request Chain 410

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=16a7f416-5f37-4396-9526-21ca54bc55de

Request Chain 413

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6577079151584028122

Request Chain 414

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7dd66429-fd61-4900-8c14-a2c31626a806&gdpr=0&gdpr_consent=

Request Chain 416

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs

Request Chain 417

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 418

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DD5L-P3HTfO-lJYc_zL_6g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 420

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2045594517

Request Chain 421

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTI0d0RqeENjcVhRZUtzNTkxejItb1dGUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=7995486750970528975&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 422

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEMzRTRCRjgtRkRDNy00REYzLUJFOTQtOTYxQ0ZGMzJGRkVB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 423

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENRIYVAGDjKV93A82UzZZKk&google_cver=1

Request Chain 425

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7995486750970528975

Request Chain 427

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8092106870159333018

Request Chain 428

https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID&verify=true HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-FGyyDlZE2uF0d1Ne0yUVKjwMCf6FBeZ7zD1grk0-~A&gdpr=0

Request Chain 429

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7995486750970528975

Request Chain 431

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZCn9YqFh4PoqfEa8oxEPuAAA%263315

433 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

https://user.omidrezaei.click/
https://www.thestar.com/?redirect=true

619 KB
106 KB

330ms
272ms

Document
text/html

108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9129002b63bccf060bd09187e084972593041b512dbc5758be595024dd4c427b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Apr 2023 22:10:33 GMT
etag: W/"9ab04-e2pF1wa/NNwKK5iWy2vc07SMAoM"
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
vary: Accept-Encoding
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-id: jGde-f-cAzDLvlcJ5VwY_AYmsD0B4FN9pZdjYue-xoILGTQN5kY9Bw==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

content-length: 0
date: Sun, 02 Apr 2023 22:10:32 GMT
location: https://www.thestar.com/?redirect=true
server: nginx/1.22.1
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-id: RzSnt1Z_bwcjCktfVbdSlkB9pVdpbUqKYoQE2FysRTZXPgtT3KLwnA==
x-amz-cf-pop: FRA56-P7
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 84ms
80ms Font
font/ttf 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:46:15 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8658
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"6028-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: RUBDzrbRQ0VSqUMCjRVtkSi4nRUsalqg7QisH_RgUZM8wA_f0RM-Hw==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 41ms
37ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:24:11 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 6382
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"478c-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: tNBougvujp1IloWzkyS3zZyIqiGpqykAWe5q5CGyfqbzSA3X4H1CPw==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 82ms
79ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:31:14 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 5959
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"4764-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: uC6eo7I7emSc-usuKj5npsKBrTh-UDSTNLl_RinvYVgEJ9Umi7h4qQ==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 77ms
74ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:13:43 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 7010
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: lUB9Gcr4Yi3lcwXjZFhBPGh5v1QDjqJ8p3U6OVrzLXk6P1WfxgMBXA==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 37ms
34ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:54:19 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8174
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"4930-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: G4GbvwStzGzgRzkMdGbEYPrC16QXapNlsdXsiH3sNkY9v9cqstw89w==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 78ms
75ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:46:26 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8647
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: F_R_oJZxfIcD_haRyHhZToROEhHKkDBs5qo_HbTAjtrgSK0agHMQEg==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 60ms
58ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:35:45 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 5688
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"d1a0-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: Tx5y1OGozBu_i08UgvCGUDBkOPXEMCndUaGknbQpn5HGAn_vGJsARA==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 61ms
60ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:46:26 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8647
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: pUxB37pug7pGO02KXfRelqGqLK5B_vFf0ytLwZ40K8O2LEffL_H4CA==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 42ms
40ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:46:26 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8647
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"d610-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: y05OHZVNY98zxz5QkqBO0yzZe02vfdQmFKqxApxb9HPDb321hpk3vg==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 52ms
51ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:46:26 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8647
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"d420-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: PIqYSaybFIKLvyiptOAX5_Q_WSkj1JQUSlIxgRkCe6Oyjyf2NTPB3A==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
2 KB 93ms
20ms Script
application/javascript 2600:9000:2240:5a00:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5a00:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:36:36 GMT
content-encoding: gzip
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 02:13:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 61955
etag: W/"47ec15276ab051ddd124dd65b61efb8f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: XkiVmLPTNLv91BqDTB5G0WXvwTaG3P3Jg9JaPOj_xdgzuFtqbqILYA==

GET
H2 200 script.js Show response
z737.thestar.com/ 138 KB
41 KB 95ms
25ms Script
text/javascript 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

3f0f37c821ef83f7d39e96f91ce3fca63b304a164705b79c87e6315ad230fecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 493
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41802
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Apr 2023 22:00:30 GMT
server: -
etag: 7bc86c3007fab78e3059cd94d8253621
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: zGc3rCiImRIhKGoOHXyIAdvNqQhXtFKarOK14tsUzmK5xXsAMRPm-A==
expires: Sun, 02 Apr 2023 22:12:20 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 199 KB
58 KB 112ms
21ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e080e504f58f105af7861e295cc78fbf9420f0c8f62a74baf3085d00981cf1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59096
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 20:22:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 22:59:51 GMT

GET
H2 200 carol_sutherland_brown_husband_daughter_son_in_law_and_grandc.jpg
images.thestar.com/5EnoolsjaIFCwX8dYhpvRdvV2qI=/114x76/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/02/is-the-government-doing-enough-to-help-these-los... 4 KB
4 KB 90ms
24ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/5EnoolsjaIFCwX8dYhpvRdvV2qI=/114x76/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/02/is-the-government-doing-enough-to-help-these-lost-canadians/carol_sutherland_brown_husband_daughter_son_in_law_and_grandc.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c84d2194296723d98f98e0faaec95caeb3672fb852166c7d6207bbfe1c94e8b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:15:20 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 14113
etag: "0d0b8cbf8e10157bc4db03e419804ad7b24b37e3"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 3608
x-amz-cf-id: 3uxISOERHIp77oE911ncFAFFqgLZR5rg-X4hJl6DznCQ8SUNMrPWnw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 74.css
www.thestar.com/static/ 6 KB
3 KB 45ms
44ms Stylesheet
text/css 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:34:43 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 5750
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Mon, 06 Mar 2023 16:22:01 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"19a0-186b7bad828"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: yu7VD40TeOUn55dCuymoElQhpFOIGgTMkUti-bjHZMWsDnzqzECowg==

GET
H2 200 bundle.css
www.thestar.com/static/ 406 KB
62 KB 46ms
45ms Stylesheet
text/css 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ba0c6fbcb52b5ae4fbdfa89f7a26b1246d3ffed722353e730193af0fc3fcb9c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 17:33:52 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 16601
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Mon, 06 Mar 2023 16:22:00 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"6565c-186b7bad440"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: 4f_VA5uwdoBcPkdEtoQn1ELh5U9yZS0gbYaBKj-pdzbd5D5JVqFjgg==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 480 KB
144 KB 79ms
37ms Script
application/javascript 2606:4700::6812:af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe477e3dc74c39f58277bb9cbcf3480b0e3a0fb5933e9fe365a5de81115baa9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 0
x-guploader-uploadid: ADPycdu2d0dwo8J4YD75G-vZoCcBQCZMmqek162yLkt1jbqho53gmWZ6oUmhytyuL69cGh332w-lSYqmDP9VloVjvyaIv6Qkgnf8
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Tue, 28 Mar 2023 11:06:16 GMT
server: cloudflare
etag: W/"28736cd9600df6d6da8c4f7bbc5a963d"
vary: Accept-Encoding
x-goog-generation: 1680001576370736
content-type: application/javascript
x-goog-hash: crc32c=RDP1fw==, md5=KHNs2WAN9tbajE97vFqWPQ==
cache-control: public, max-age=900
x-goog-stored-content-length: 151480
timing-allow-origin: *
cf-ray: 7b1c67107c65b897-AMS
expires: Sun, 02 Apr 2023 22:25:33 GMT

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 203 KB
63 KB 26ms
21ms Script
application/javascript 2600:9000:2240:5a00:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5a00:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 05:33:54 GMT
content-encoding: gzip
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 18:26:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 59965
etag: W/"e08e5a6e68f37184e1c046d32d471d44"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: dNl9_Rj_MgH69LP-Botxl9sGnzh3Zea9cTI4Wx5gMIPNy-Qs1G3gPQ==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 6 KB
2 KB 48ms
42ms Script
application/javascript 2600:9000:2240:5a00:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5a00:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:48:24 GMT
content-encoding: br
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 14:10:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 70052
etag: W/"c6e67d08c7c4a89b3155020045b68eb1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: V4CWIPByqTEap4Kc0JwBHEmLzSvXWb-5pRrYU8Q9HKBAI1RQPgUZGA==

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 364 B
442 B 94ms
15ms Script
application/javascript 143.47.187.31
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.47.187.31 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: c4a19be42471f4cc440d94a18603893a88df48274ec54751f7fce163e4419820

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 364
Content-Type: application/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 394ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

968ef660b9fd0ae5eba0e203f4222efcb5d7395052d9b5fd57ca60fbf6836173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25736
x-xss-protection: 0
server: cafe
etag: 466 / 19449 / m202303270101 / config-hash: 4618862490447205413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 22:10:33 GMT

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 362 KB
78 KB 93ms
25ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7378bb30948ea6502b92a7dcf64fa47052f3e1157f0b5ab48a5c8a047fc03de4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:33:17 GMT
x-amz-version-id: O7WgqjNuTHqJvC_N_C_KaxdDGx508mjW
content-encoding: gzip
last-modified: Fri, 31 Mar 2023 20:33:05 GMT
server: AmazonS3
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"05feb774875ca0ef29f288702ae3d0b0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 5837
x-amz-cf-id: mSFd9JnWLvKXUJGKcl4c1B3Ux7urqsmku_Iq314MY9e_IgCo12Gdnw==

GET
H2 200 main.js Show response
static.app.delivery/sdks/web/ 128 KB
32 KB 72ms
29ms Script
application/javascript 2606:4700:20::681a:890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.app.delivery/sdks/web/main.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1634
content-encoding: br
last-modified: Fri, 26 Nov 2021 12:00:54 GMT
server: cloudflare
etag: W/"61a0cc76-200b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFEwosH3Yyh2h3YWjA6F%2BSPzXSoRixK5uOiPUBrkZraAeqrJBxwwWsAwIiauSpGE0dGE0s48cF0L%2BaVYD3K3Aidoj7cNDKBdiKxfv%2FjwCu4K2czamSYHv0ccQ2atm%2FVrxSOrjUTRi7umGniWUfTCaZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b1c67107b8ab8fa-AMS
expires: Sun, 02 Apr 2023 22:43:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
87 KB 90ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

837184829968a808940c14095538c4e793042ad1a0b6aae7e97bcbbf748b3272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88929
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 4 KB
2 KB 56ms
19ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9904612167097244
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: fc1e29b7e257d1e6cdef87b1f8fb5f7427256253fe79044b5925a966e936866c

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
485 B 26ms
21ms Script
application/javascript 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:49:57 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 4836
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Mon, 06 Mar 2023 16:15:21 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"16-186b7b4bda8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: rwPOoeeT1jyM404Wc8A39G7EFNSfSNmK2zB0RtGMo4IT0rvcAT6PBg==

GET
H2 200 tag Show response
btloader.com/ 14 KB
7 KB 63ms
20ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddd69266ba709b1708253bdb638025f0fb930b4a1051fa40f51144da133a64a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Apr 2023 21:48:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1285
etag: W/"bdafcb4be19066225a76b691e6a45d19"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPZxnt%2B%2BjtBYT%2BQZ1iXL5m3pLxOwFb5mmvcEFksiKVWq8CZaeadvai7ToxXsN%2FVd9tzekr44Np8KiPKUStTJzn3ywlWnzPaqFqCsj2eW%2BU%2FcOMauBNIpQA2BcL3eGih8Sb228pUxPTFdQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7b1c67107e961c7d-AMS

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 86ms
82ms Image
image/svg+xml 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:13:31 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 7022
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Mon, 06 Mar 2023 16:15:21 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"1df3-186b7b4bda8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: mEsjw_PWyOCu9uEHtXFEyw9GVXBo483T3XLlCgTLYTKYBO06OO7syQ==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 87ms
82ms Image
image/svg+xml 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:31:33 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 5940
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Mon, 06 Mar 2023 16:15:21 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"24d-186b7b4bda8"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: DU3ijK-GnI5O2hISczsX_H4idJe0Pcvny3xaAT86XQ5FoZXJbL5KvA==

GET
H2 200 carol_sutherland_brown_husband_daughter_son_in_law_and_grandc.jpg
images.thestar.com/lAxWWGKW0cnSfW4E1p4OyAiPn7U=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/02/is-the-government-doing-enough-to-help-these-lo... 65 KB
65 KB 87ms
27ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/lAxWWGKW0cnSfW4E1p4OyAiPn7U=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/02/is-the-government-doing-enough-to-help-these-lost-canadians/carol_sutherland_brown_husband_daughter_son_in_law_and_grandc.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3722ebba0dda60a3219e19235a3ece2b1943eff8f41f1d7cc0fd08b835f4581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:04:34 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 14759
etag: "0f1ba7543fe48761ea926eb88e97ef246a91252a"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 66424
x-amz-cf-id: F6iLr9M7Z2nlfYgKyTNitG1Yn5vMZwwrI7LMbQjv-1VFLIaxw6F0bg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
704 B 419ms
100ms Script
text/javascript 34.198.148.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json159

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.148.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-148-95.compute-1.amazonaws.com

Software

- /

Resource Hash

1abc023a8f82d102cd5b5397df30bedd4dc4537dd64f16d44c55580f1385cefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
483 KB 26ms
22ms Script
application/javascript 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

59d65c96754b27f10b96cac8d482fa74a8e7a0b15661537acbd7d4e91da4127d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 17:34:00 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 16593
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Mon, 06 Mar 2023 16:22:01 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"1b07b1-186b7bad828"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: orLIhtQW2Ypi_sUrls85NdyMRGOamH6frT2JZPV45IVNs4mdL7s3cQ==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
248 KB 67ms
64ms Script
application/javascript 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=274dda2e

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

66ecab2d4b8110174f23e1fe92e91557649666276a67dbb14c12b4f141d55ad4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:13:48 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 7005
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Mon, 06 Mar 2023 16:22:00 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"13e451-186b7bad440"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: Abwc1upT56oxPopqy033kmkFLfF9l7sRABDngr5a7NMLfNyleRJTrg==

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 108ms
105ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=D1D721CCCB341C13571318074B67654C7&h=48dc2651c01ac7473055baf5b57f3a3b&r=0.10211626912869187

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:32 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 291ms
36ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 02 Apr 2023 22:10:33 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 269ms
22ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 31EA48740775C598
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26451
accept-ranges: bytes
content-length: 54912
x-amz-id-2: 8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 264ms
21ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 07:30:05 GMT
content-encoding: gzip
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 52829
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: LnZ7-WnNcwcALS2E4hvSQqENMqdHWVZ4Z0mUMEdDo7JYUVmBtz9eeg==

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 59ms
59ms Image
image/svg+xml 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:07:06 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 7407
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"2bf-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: vxcmd8ee13wEXx7foiUtVa3uFXwqe6S21MKO6EPvqyyDX5W_fQIqrQ==

GET
H2 200 nadya_portrait_main.jpg
images.thestar.com/E8XfG7aUeBeuKXsoIn6Hs6FBQCo=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/02/toronto-just-named-a-new-photo-laureate-heres-a-lo... 32 KB
33 KB 65ms
62ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/E8XfG7aUeBeuKXsoIn6Hs6FBQCo=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/02/toronto-just-named-a-new-photo-laureate-heres-a-look-at-who-she-is-and-what-shes-shot/nadya_portrait_main.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 107e417aeb47662140399a8d294cd7dd92a47b8f1899ed9122f20535f9d17619

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 11:19:50 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 39043
etag: "8766529567a002d140d21ee71826e0a546f5089a"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 32972
x-amz-cf-id: 0bWNISrSR880FK9rpxcK_7LkaZTPnFKobuFJ8Nl-Ouf0My2gqrN4iA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _1reporters.jpg
images.thestar.com/zFS3cq9ccjnaHd_BdOD4VJdhgWE=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/02/was-pablo-neruda-murdered-the-truth-may-lie-wit... 34 KB
34 KB 85ms
79ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/zFS3cq9ccjnaHd_BdOD4VJdhgWE=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/02/was-pablo-neruda-murdered-the-truth-may-lie-with-the-bodies-of-dead-prisoners/_1reporters.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 50f3a013f02732e7f4db20ee54b8ba9a912eb8311d0b2f67852dfb42bc7eec7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 16:01:49 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 22124
etag: "59a92c564b1a43e4f475c0d2b90533f5d6d10d21"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 34516
x-amz-cf-id: APVvDqAWvIH-UyoSooK5dQOlw3pYEe4InN94bqnWj_6ZF01PDA3YwQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ryuichi_sakamoto.jpg
images.thestar.com/C564cZpevu5yZ4119nA6oO-SBhY=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/music/2023/04/02/ryuichi-sakamoto-dies-at-7... 14 KB
15 KB 86ms
80ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/C564cZpevu5yZ4119nA6oO-SBhY=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/music/2023/04/02/ryuichi-sakamoto-dies-at-71-artists-pay-tribute-to-the-influential-japanese-composer/ryuichi_sakamoto.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5255c0381c1190b70036c085b7c19d2cda7196619be90d334c9e5eb323ed0036

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 15:40:01 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 23432
etag: "43c747bf0d61144f85cac403e90f95e44cb37056"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 14512
x-amz-cf-id: AyxxhdF-zW_-8G3hQgy7s_DjS0khVwy36lNdz777EmQvfO-Z_H97eQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Napier_Russell_logo2021.jpg
images.thestar.com/EDixPYqZk5YWjbtrXElJ4g4LpNc=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 1 KB
2 KB 85ms
80ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/EDixPYqZk5YWjbtrXElJ4g4LpNc=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Napier_Russell_logo2021.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b141ad4c62281a742b1a53a489c1a917fb1becc6de1538547fe207aa91d3a9f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:52:11 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 44302
etag: "cbcc463a69032c9f1aaf221d2874135e3b58ae0c"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1312
x-amz-cf-id: SyOAjagg_SLtXXngh1Ll26p3xPm8VasKABO9f90JRV1kLDkuoVSurw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Watt_Jaime%20Watt_logo2022.jpg
images.thestar.com/CDYth3FfOQLt_TUO75ngUgLl0FQ=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 86ms
81ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/CDYth3FfOQLt_TUO75ngUgLl0FQ=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Watt_Jaime%20Watt_logo2022.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2680eac142f01027dba44ca81b2eedb794db7101ca15154a1c0efc35491850b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:45:18 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 3061515
etag: "b7edb0126edef96404421773eb03336c30e7ee45"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1608
x-amz-cf-id: u1I-fSvIzZjtm8FuUoL1Th-Vhr7fKhHtqPVAUD8-yVYeO91J43rkZA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 paramedics.jpg
images.thestar.com/EkqC84migFeKuBN2IMiHfOPcH9A=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/02/two-women-taken-to-hospital-after-ttc-bus-hits-ped... 18 KB
18 KB 91ms
86ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/EkqC84migFeKuBN2IMiHfOPcH9A=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/02/two-women-taken-to-hospital-after-ttc-bus-hits-pedestrian/paramedics.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9824e94837a20868becd224aa351cbcd1c58a33cc41ad3db9833756604453d12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 17:51:56 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 15517
etag: "a437039cf244525068f8b12d1c1a1f089ccbc224"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 18510
x-amz-cf-id: kf6ocVh1ehP7mex1bc6GeIE9uYU_jSfxu6kCDtHDTHbFKVvYmPxNyw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 suspects.jpg
images.thestar.com/rSGP8aE955hgGFZOzz5Mz49rlys=/285x0:842x371/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/01/police-looking-for-four-suspects-in-... 27 KB
27 KB 91ms
87ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/rSGP8aE955hgGFZOzz5Mz49rlys=/285x0:842x371/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/01/police-looking-for-four-suspects-in-east-end-toronto-grocery-store-robbery/suspects.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ffa60148c06588bd50ded71c0a7c847e4b78013210d90b50991501324c48d9f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 11:43:17 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 37636
etag: "e3343983a22d0a7ac6820c8250a73cba9942c3fa"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 27338
x-amz-cf-id: Vb68N-NQ_517U-GJLYv9e0OH4wvYfLJrutBD5MwlDh__4QkIPNkxUg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simpsons.jpg
images.thestar.com/hlk8OFnP-gpTwP2rZjkN6bcvh2s=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/02/when-the-simpsons-set-an-episode-here... 40 KB
40 KB 91ms
86ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/hlk8OFnP-gpTwP2rZjkN6bcvh2s=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/02/when-the-simpsons-set-an-episode-here-what-request-made-by-the-fox-network-did-the-city-refuse-to-carry-out-test-your-toronto-comedy-knowledge/simpsons.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b95a8679eccf66eb56c5bd90d1c8f54a0717e85ac7966751ecbc7c9209324b0b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 12:53:58 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 33395
etag: "94edbc1f94daf2c2c73cbace8435748684e52018"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 40474
x-amz-cf-id: uVrI_KwQao-XbSSyRtViyU6zoE2xUCenv4QsJeXwUTbtzC300Ilq3A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20230402110416-64299cbe729ea7067b3f6ab1jpeg.jpg
images.thestar.com/gwgztoO5JKeemZwpFID-kfQixs8=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/04/02/for-want-of-a-pipeline-canadian-lng-should-power-l... 35 KB
36 KB 90ms
86ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/gwgztoO5JKeemZwpFID-kfQixs8=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/04/02/for-want-of-a-pipeline-canadian-lng-should-power-low-carbon-revolution-report-says/20230402110416-64299cbe729ea7067b3f6ab1jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 17a8fee0592f26d6129b976247368d17d08127d8088667c8f3f4f83a88cf6533

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 17:10:40 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 17993
etag: "edb68e28c4a09f2c1e12da21a1fae7b258f3acba"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 36010
x-amz-cf-id: TZnQ6wZ5MKO2zNZy9THq1zif0uoomxfA8xD5QFp93no0Mv5OfjMrCQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20230331080328-d18cc7fbb631f7eead9bf99c91f73af805880561af290cef7304f1e7e103e3f9.jpg
images.thestar.com/54UfXxrJf0tQihYDFDisKLzb2-Y=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/04/02/five-things-to-watch-for-in-the-canadian-business-... 51 KB
51 KB 91ms
87ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/54UfXxrJf0tQihYDFDisKLzb2-Y=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/04/02/five-things-to-watch-for-in-the-canadian-business-world-in-the-coming-week/20230331080328-d18cc7fbb631f7eead9bf99c91f73af805880561af290cef7304f1e7e103e3f9.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 030129900c2f8d3dd54b0a753a69e62c682ce77f271fa712737dd9d4ade46c3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:07:18 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 28995
etag: "7e630124eabc7190d40bd697023ad6e99fab792f"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 51920
x-amz-cf-id: OBntyQHs_-aTqgX-sRJ6hmChgXe1t104KdYgtd3DWi8WNCUHddr7bA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20230402140428-6429c972729ea7067b3f6aecjpeg.jpg
images.thestar.com/kyEETpxiU1CHZmtuan0sJ2Qpw0M=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/2023/04/02/inquiry-into-ns-killings-calls-for-bold-change-to-... 27 KB
27 KB 106ms
102ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/kyEETpxiU1CHZmtuan0sJ2Qpw0M=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/2023/04/02/inquiry-into-ns-killings-calls-for-bold-change-to-tackle-family-violence-epidemic/20230402140428-6429c972729ea7067b3f6aecjpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4ee06340e9e460449a2f5e893c524035ec7263ce1171181e7361a27ffd8faaa0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:59:52 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 11441
etag: "8f89ecc2893c1d7c9c3cdaaca7c7fa5f8445606d"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 27686
x-amz-cf-id: kNG6zZL7URsA1gtNpCzPKFcMyJUEEKRQSOT8CRzOgFtXpmeQ35aeEQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 25ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 21:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 22:35:12 GMT

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
524 B 620ms
399ms Image
image/gif 13.32.118.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-30.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 22:10:35 GMT
Via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: E3JV4ComzVtbV0XkhQTARIgHNWVZ-fvtUlE3dEH54abTcAlkNlrTOQ==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 245ms
20ms Script
application/javascript 52.222.250.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-165.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 15:59:41 GMT
Via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 77988
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: GL88reMrcqqciLyky7w2Vxe-hFjEOwosQnjt1g2nLFYrRIWA7lZRXg==
Expires: Mon, 03 Apr 2023 00:30:45 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 157 KB
46 KB 219ms
17ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=466798
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: f7160fe443d32f0e4578d3ab5416de8c267289613297a2d9dbcc75733425dc69

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
content-encoding: gzip
x-amz-version-id: ERbVIarZ1rISsHslj8F21HdZHLRJTt8v
last-modified: Thu, 30 Mar 2023 03:36:46 GMT
server: AmazonS3
x-amz-request-id: 5XQWM8PQRCPQSJ8A
etag: "bb66a896f1f818dad31656bdc8030f36"
x-amz-server-side-encryption: AES256
x-hw: 1680473433.cds303.am5.hn,1680473433.cds279.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
accept-ranges: bytes
content-length: 46842
x-amz-id-2: tBiuAHmtn2SAY49BoGVh9avXKF/o61gAQh7XspTZIZKXuTkm2PSN3ZJfgRF555QTSezWOacZnhY+JWxd9oQYfA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 221ms
23ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 21:48:27 GMT
content-encoding: gzip
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 19:29:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1327
x-amz-server-side-encryption: AES256
etag: W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 5cFU2wxC847xETOqbhKyg9BMQMdfq6VBqWxr5O9RtBDw6XPXjduVNA==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
947 B 195ms
27ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 878021
x-guploader-uploadid: ADPycduUS_zBSzbe5tmuh5x5V8E-RKj_MFZgYGwSDivT9NMqwgQCq9a1Iyxz-Pb7H_jZZlSLH9Fr1qvxI6IGVi9lLNLbeE5fbsXp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poo%2BXey7ieTfWLrX6RIxL8qCAs47%2FOngeToaDfyf9GPkzwZLDTWMlMaJK2LhCwAK3UeI9SArCUKtqSKML5Q7Aak31nSj8%2BNjFKDA2LQgicbuHomblZ6hx7CKmZz0O8Z0PXCG%2FV2tGKDSEiuNoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b1c67123d25b73a-AMS
expires: Thu, 23 Mar 2023 18:59:09 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 84ms
20ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Apr 2023 18:03:05 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
345 B 19ms
19ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.42474318724426996
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 878021
x-guploader-uploadid: ADPycduUS_zBSzbe5tmuh5x5V8E-RKj_MFZgYGwSDivT9NMqwgQCq9a1Iyxz-Pb7H_jZZlSLH9Fr1qvxI6IGVi9lLNLbeE5fbsXp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qE4UL1QdWMAMVKu5Er%2BEveBKMTkUGFekyr8KaUTHJOuxqNIsZnMTYOVz%2Fj9Hh%2BWETjaVx0Ao9%2Bw6CDMv%2BF%2B0Bp9SdcoCB650%2Fqs3Rjz0Kdn90uCAE3ghEfBO3ykjQGbO68efabRICBXS3kiATQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b1c67125d44b73a-AMS
expires: Thu, 23 Mar 2023 18:59:09 GMT

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
393 B 79ms
19ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6752ce06cd83cdff158e559b7694c23ed2e76d168745bfa19c8880d8b4ed1ad7

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
815 B 54ms
17ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 02 Apr 2023 22:10:33 GMT
AN-X-Request-Uuid: b0cafe23-49cb-45de-84ef-de21bb61a231
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.17.184.1; 185.17.184.1; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 243 B
344 B 58ms
21ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 4a1f561fcc177aaf568e657cc285de519db46656d8cdd8d569261fd9b89719bf

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 2 B
87 B 61ms
24ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
BLOB 200
OK 9fcbaf9c-2e4f-4e95-b68d-eed60a9ed135
https://www.thestar.com/ 215 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/9fcbaf9c-2e4f-4e95-b68d-eed60a9ed135
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abe3aa99e2acf0a113e6de6c4fa0c8c2becb65b2b487cdda05d80696116368ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 220645
Content-Type

GET
BLOB 200
OK d11b71c9-cc35-4ecb-a14a-078a6bb9ad61
https://www.thestar.com/ 215 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/d11b71c9-cc35-4ecb-a14a-078a6bb9ad61
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abe3aa99e2acf0a113e6de6c4fa0c8c2becb65b2b487cdda05d80696116368ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 220645
Content-Type

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 135ms
32ms XHR
application/json 34.255.162.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1680473433990

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-162-196.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e8d722e1fd577c1666df680d147ecd4942263221b6ce1a51b3d8a5d6bc2bcded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v046-097336e4c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: xNGV8LO1SKA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 325
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 24ms
24ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 13:22:21 GMT
x-amz-version-id: qWTwAI1e3LVy8Ptu3C2nBrtQDgrxEHc9
content-encoding: gzip
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"dfdd9e1f988805f0c2fbb10cd6b8f034"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 31694
x-amz-cf-id: vWAAU37s9WbAwF8k0irjk2oiM_hQ2fWruBkiyJPRK9CW6YRNIKv59Q==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 25ms
25ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:49:10 GMT
x-amz-version-id: Qd2H2xCI4iuIkIJUv_vAOOceWO355ujJ
content-encoding: gzip
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"b89fcb8870ac40eecb6d3cc844d35389"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 12084
x-amz-cf-id: LU-Ifksz7Z8DeJycBV6w_7_HWu8pefqFgdiFlmKF4_nHd-iT-bK14w==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
27 KB 129ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=274dda2e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44fd0f8ecc0ad918588c29ceed15858e82f153e8f156faf229a668da461cd42b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27206
x-xss-protection: 0
server: sffe
etag: "1530 / 585 of 1000 / last-modified: 1680300463"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Apr 2023 22:10:34 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
438 B 21ms
21ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:08:34 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
age: 120
x-powered-by: Express
etag: W/"13-dtK7HFxXRJGTWdPpmheUxDbkx20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
content-length: 19
x-amz-cf-id: qJQeM22u4ywctyAtEEdBxa-eihL-gSfxA1dKwbQz0fVIriqQkp28KQ==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
439 B 21ms
21ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:08:34 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
age: 120
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
content-length: 19
x-amz-cf-id: 5xcTOPzyAbFdmXm-LfP_yeuNc9rLuvpjNTQMKpPZn8yGo1C3xk22kA==

GET
H2 200 widgetloader Show response
widgets.media.sportradar.com/torontostar/ 327 KB
72 KB 322ms
221ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=274dda2e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

12b49ff2b8fd853b8cb8b8cad3b88e668e24ffa98f00d54ab15c52a8828b434e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
etag: "afabac6148a9d78f809b9f9e1608ce9b-f8a400ed7327490159cee95d69ec48a8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=60, immutable

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e321f986f5872ca02ccdcf17714cd9c2977057a55b7acc52f42ca0c1c70741fd

Request headers

Referer
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 21ms
20ms Other
image/svg+xml 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 21:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 22:35:12 GMT

GET
H2 200 NSG-Logo-NSB.svg
www.thestar.com/assets/svg/ 28 KB
20 KB 37ms
37ms Image
image/svg+xml 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/NSG-Logo-NSB.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

52c6b724460d1cc1eef6b6b43f27f26d9f17f392ca2148e0df83f05f3cbc9970

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:52:49 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8265
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Mon, 06 Mar 2023 16:15:21 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"6e4e-186b7b4bda8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: Uf2_ZBWAHkFcMJDdYSYfD4ADHZ1XaB299vl0lP5gcoOxFkRB4S9zlw==

GET
H3 200 serviceiframe Show response
news.google.com/swg/ui/v1/ Frame FF4A 16 KB
7 KB 86ms
85ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=466798&publicationId=thestar.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

625cde91947d1cf86d031ed678b8942f45d7bcc7440f40abdb09f84d97038b57

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-fGvLZ5zk36fG1bwG_HLdvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-fGvLZ5zk36fG1bwG_HLdvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Sun, 02 Apr 2023 22:10:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Apr 2023 22:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 322
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 03 Apr 2023 00:05:12 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.3.0/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@3.3.0
https://unpkg.com/web-vitals@3.3.0/dist/web-vitals.iife.js

7 KB
3 KB

23ms
23ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.3.0/dist/web-vitals.iife.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 873901
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GW7YXZ63AP7TF9NTF2JZ4WS3-ams
server: cloudflare
etag: W/"1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b1c67167b7306d2-AMS

Redirect headers

date: Sun, 02 Apr 2023 22:10:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GV43384N6JS6HC13SSQY01B7-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2077493
vary: Accept, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.3.0/dist/web-vitals.iife.js
cache-control: public, max-age=31536000
cf-ray: 7b1c67161aff06d2-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1c054b47adf9e75a3b785b7ac87e5157bbeec4a86b82fb76bd4368b5db52187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Apr 2023 22:10:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
80 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cccba587a124ac942142683a38b5e050c96980f6f3a1944b0ce20cd131b08a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Apr 2023 22:10:34 GMT

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
86 B 56ms
26ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c79788a5758405dd16060e1656c2a3e3e4d4228073a6024b4c2692fc8a8201a3

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/thestar.com/ 2 B
58 B 83ms
82ms Fetch
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/thestar.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 89ms
27ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Apr 2023 06:05:27 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jun 2022 01:41:35 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 57907
etag: W/"62b5164f-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: SIZ1X37A1vN45sgQcstEZ1BFR4keMmfaW0aebIQkmeB_Bbj2yU7GqA==
expires: Mon, 03 Apr 2023 06:05:27 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680473434506&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680473434506&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%2...

0
226 B

22ms
22ms

Image
text/plain

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680473434506&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: _X1XgRcvPqCdI7INjvkRnZOLunYuhUJPpjDwdDMlaa5pvJ0zUENR4g==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 02 Apr 2023 22:10:34 GMT
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680473434506&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9=
content-length: 0
x-amz-cf-id: 8ue5cp0rqfgitxfpXVb68edSFCdTob7EWmhOqovMvOiSZMu8pL0RnQ==

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 158ms
113ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 159ms
115ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=O4Bo5fFpx&w=5166328627855360&o=5071905434894336&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sid=Ni8SPYSg&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame FF4A 0
25 B 75ms
75ms Other
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZAovcUyRAmDRPdCf37aGng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=466798&publicationId=thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-ZAovcUyRAmDRPdCf37aGng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1.O/am=oLkBAAE/d=1/ed=1/rs=ABXTjI62WxrGKmtg0XPf9PfCx0C4xms-jA/ Frame FF4A 521 B
967 B 69ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1.O/am=oLkBAAE/d=1/ed=1/rs=ABXTjI62WxrGKmtg0XPf9PfCx0C4xms-jA/m=serviceiframeview,_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=466798&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 16:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:56:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 16:37:13 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/am=oLkBAAE/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTj... Frame FF4A 198 KB
70 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/am=oLkBAAE/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6rVKD2lWNPJrQdHeMUDqFSPTaavA/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=466798&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffee30afa8295eef0269df10349134fbd2af815f234e51b9ffdb0425d5e6cd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71320
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 04:53:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 17:32:49 GMT

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame 3006 7 KB
3 KB 132ms
31ms Document
text/html 52.48.226.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.226.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-226-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v046-0f8f2f033.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Fq20iE2/QQ8=
content-encoding: gzip
date: Sun, 2 Apr 2023 22:10:34 GMT
last-modified: Wed, 8 Feb 2023 11:53:45 GMT
vary: accept-encoding

GET
H2 200 id Show response
s.thestar.com/ 48 B
458 B 106ms
29ms XHR
application/x-javascript 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=41585824449261794674025791074806440877&ts=1680473434538

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a2f861a7a85b9fda9adb6163a9f723328e5c4f6489bc6eee272c36851eb0076d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.thestar.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZCn9WgAAAFExugMx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=41599954897915910414022698319737780647
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZCn9WgAAAFExugMx

42 B
942 B

32ms
32ms

Image
image/gif

34.255.162.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZCn9WgAAAFExugMx

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-162-196.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-02a7d0da5.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nWJpE4kKRz0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZCn9WgAAAFExugMx
Date: Sun, 02 Apr 2023 22:10:34 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 26 KB
26 KB 79ms
25ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7ddeb3e9913d796ddcbd29b35dbb5b47738fb73766081a6192b8d2b81c00145a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 02 Apr 2023 22:10:34 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 26227
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
303 B 121ms
120ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:33 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: CgRSmzy5phAwuPrfhO1rIQ-bhK67vpsjx4L_7HrWHU8sBbgDUS1CXQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 304ms
20ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: JWp1qp7MFzulJHtnMcdn8BBX506LKUt8
content-encoding: gzip
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 02:11:14 GMT
x-amz-cf-pop: FRA56-P6
age: 71961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 28 Mar 2023 02:10:35 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: MvqLdW1rEVqvvWr47qmdJvFqjkhCVE456YcoHbo7TKcQhvApBa9HCA==

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 101 KB
17 KB 213ms
213ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/DG/DEFAULT/rest/rpc/158?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2023-04-02T22%3A10%3A34%2B00%3A00&ts=1680473434555

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

e8304367a445b903f4bc5086d5e6cd8b3d9cba811a288595c1fee8d75c51258e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 16287
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: sfMXqSxwAnaDIzHua9o9RzIZBOdxDkL6UCZnoUmB_zmTU5WMSeBt2A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/ 399 KB
124 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6117
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126961
x-xss-protection: 0
server: cafe
etag: 11043018428268230335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 01 Apr 2024 20:28:37 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 298 B
188 B 119ms
55ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de4bf3cac42279a6a7122862e2b3d52282677fbdc7cf636c7e0e8f4852b21704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
x-xss-protection: 0
expires: Sun, 02 Apr 2023 22:10:34 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 11 KB
3 KB 386ms
338ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 83d854c625695fdcf3b5a05cae0e270808a60ac505d6760c01d924bbcd7678f9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 7 KB
2 KB 313ms
269ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 3613c97a7264fe23dc2da0690cc97d78812a3a36a5a6e303a48d954edcfaae49

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 22 KB
6 KB 395ms
354ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: a83ec36c657f04438a7e2c8d9b9356a1904f827690e4f1683ff67de236e6dbd9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 11 KB
3 KB 361ms
325ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 4080d7a38d2c475a355471d435ecc82ae15f160da9540447f43679ccce312508

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 11 KB
4 KB 388ms
357ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 38ed670052bdc57208ac3e5a08184ea706ae43fdf42f5570a76a697d6f6de175

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 5 KB
2 KB 340ms
313ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 79eff54975f1d24289239d6f06e634476788b5fc4ad8acfcb30a8c4f0c785259

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 12 KB
4 KB 365ms
347ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 0aa129c7e4eba725d6793b16776615f1dd97a34893a7cd7449c2c806a0ae1849

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
175 B 218ms
187ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=pageview&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=1805&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=6&jsfv=nbc&ts=1680473434580&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 6 KB
2 KB 303ms
273ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 2be6bdb02841741c7103902e309a4b04b9fabc531c8b129b8c20237294f742ff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:34 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 27ms
26ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2089364244&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=867176967&gjid=1746681933&cid=978834447.1680473435&tid=UA-70431129-1&_gid=1286074072.1680473435&_r=1&_slc=1&gtm=45He33t0n81P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&z=919053801

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 27ms
26ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2089364244&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=241730800&gjid=851987425&cid=978834447.1680473435&tid=UA-73335503-3&_gid=1286074072.1680473435&_r=1&_slc=1&gtm=45He33t0n81P86MZHL&z=840650604

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 48ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=45je33t0&_p=2089364244&_gaz=1&cid=978834447.1680473435&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680473434&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&en=page_view&_fv=1&_ss=1&ep.Asset_Alias=&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 74ms
24ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=978834447.1680473435&gtm=45je33t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 100ms
30ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=978834447.1680473435&gtm=45je33t0&aip=1&z=1023945652

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 26ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=45je33t0&_p=2089364244&_gaz=1&cid=978834447.1680473435&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680473434&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 52ms
25ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=978834447.1680473435&gtm=45je33t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 78ms
31ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=978834447.1680473435&gtm=45je33t0&aip=1&z=1534406607

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 44ms
23ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-70431129-1&cid=978834447.1680473435&jid=867176967&gjid=1746681933&_gid=1286074072.1680473435&_u=YEBAAAAAAAAAAC~&z=901480156

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Apr 2023 22:10:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunk.89041.8b4faf20.js Show response
widgets.media.sportradar.com/assets/js/ 136 KB
40 KB 21ms
21ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.89041.8b4faf20.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a56299887f3e3e17b8d533cde3bd5a98a47d0ad14d111b4e82efbf2bcec269ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Fri, 24 Mar 2023 15:21:49 GMT
x-served-at: Fri, 24 Mar 2023 16:10:26 GMT
etag: "1667fabfde534f8e46cb79a045421dae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 40468
expires: Mon, 24 Apr 2023 16:10:26 GMT

GET
H2 200 chunk.57420.3297b6d5.js Show response
widgets.media.sportradar.com/assets/js/ 342 KB
90 KB 29ms
29ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.57420.3297b6d5.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

67e65d7c0da8f299eb5cce90c068377b4f4d988d4fd52f88a19f12bfc6ea866c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Fri, 31 Mar 2023 09:09:53 GMT
x-served-at: Fri, 31 Mar 2023 11:22:55 GMT
etag: "bc9f559293f47e0f8de88dad0fc40fa0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 92106
expires: Mon, 01 May 2023 11:22:55 GMT

GET
H2 200 chunk.74425.b4af7b7e.js Show response
widgets.media.sportradar.com/assets/js/ 14 KB
5 KB 28ms
28ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.74425.b4af7b7e.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b0a11946c643c14bb42fe182a9f7774797b304c21cfb3b00c3c45489b58fc5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
x-served-at: Tue, 07 Mar 2023 17:13:17 GMT
etag: "26ae76bcfb97005a40281d78c580363a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
content-length: 5213
expires: Fri, 07 Apr 2023 17:13:17 GMT

GET
H2 200 chunk.75472.fe2afd2b.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
8 KB 50ms
50ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.75472.fe2afd2b.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e6af40c18f2bd3bfc04e356506f5f806b9ef2fc9a445a549dc628d16dd445697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
x-served-at: Thu, 23 Mar 2023 23:16:51 GMT
etag: "cf8f725362e2997e228eed8b70936411"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
content-length: 8296
expires: Sun, 23 Apr 2023 23:16:51 GMT

GET
H2 200 chunk.58047.f9857c8b.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 41ms
41ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.58047.f9857c8b.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fb60690105f3079674472358be6ea5f803f4468e120500627e77b9e75abea178

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Wed, 01 Mar 2023 20:30:20 GMT
x-served-at: Sun, 05 Mar 2023 14:57:09 GMT
etag: "77dcbaed60f52b4338418a558410cc56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3865
expires: Wed, 05 Apr 2023 18:37:46 GMT

GET
H2 200 chunk.87159.ede8653c.js Show response
widgets.media.sportradar.com/assets/js/ 110 KB
30 KB 40ms
40ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.87159.ede8653c.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0a2a5931def4d018eb29d2906d98a42c85cf00e599c462c9d2696c4ecc2304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 23 Mar 2023 22:37:24 GMT
x-served-at: Thu, 23 Mar 2023 23:17:49 GMT
etag: "f3171021fafa8f97314802fdb9a3df6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 30032
expires: Sun, 23 Apr 2023 23:17:49 GMT

GET
H2 200 chunk.872.c1e54049.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
6 KB 50ms
50ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.872.c1e54049.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

168b0707f95f0c9690d5fc1ede64f1aa68981ed479825a77e68c49dfa3c5debf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Mon, 20 Mar 2023 20:08:40 GMT
x-served-at: Mon, 20 Mar 2023 20:45:17 GMT
etag: "5dbc0c53f98cd01ebd3a6f36da44d22c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5860
expires: Thu, 20 Apr 2023 20:45:17 GMT

GET
H2 200 chunk.88139.274c7355.css
widgets.media.sportradar.com/assets/css/ 20 KB
4 KB 49ms
49ms Stylesheet
text/css 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.88139.274c7355.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Tue, 28 Feb 2023 08:57:36 GMT
x-served-at: Wed, 01 Mar 2023 04:19:14 GMT
etag: "c49787c1d88ae88587d40d3a2128e530"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3803
expires: Sat, 01 Apr 2023 04:19:14 GMT

GET
H2 200 chunk.88139.223cfcbb.js Show response
widgets.media.sportradar.com/assets/js/ 22 KB
7 KB 49ms
49ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.88139.223cfcbb.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

adf278355a1dc96030d992f6a09e91d468533d6fd887cc7b6fa34d2e3f205ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 17:55:42 GMT
etag: "721c6aa9d4d169f53089fda9c8650d3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 6585
expires: Thu, 16 Mar 2023 17:55:42 GMT

GET
H2 200 chunk.56615.6f5a2786.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
7 KB 48ms
48ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.56615.6f5a2786.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 23 Mar 2023 22:37:24 GMT
x-served-at: Thu, 23 Mar 2023 23:17:49 GMT
etag: "17d28dd8a0d379cf3bf8a0fde19671e3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 7004
expires: Sun, 23 Apr 2023 23:17:49 GMT

GET
H2 200 chunk.36369.4d629a02.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
3 KB 54ms
54ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.36369.4d629a02.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Wed, 08 Mar 2023 16:58:01 GMT
x-served-at: Mon, 13 Mar 2023 01:22:45 GMT
etag: "d732fcd8139e215ea39b473933d09bdc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3139
expires: Thu, 13 Apr 2023 01:22:45 GMT

GET
H2 200 chunk.99585.125055ea.js Show response
widgets.media.sportradar.com/assets/js/ 14 KB
5 KB 49ms
49ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.99585.125055ea.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe0cd2a0886e1bb2b7096cf665a10a8d60b84c52ced448c293ecc5858028f49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 04:04:44 GMT
etag: "7f3ad519cbc50f88557125cbe435144f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5105
expires: Thu, 16 Mar 2023 03:44:34 GMT

GET
H2 200 chunk.73555.82682d90.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 50ms
50ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.73555.82682d90.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7b95cd5fc12d603eb71470d4d2c81469d9d3da90aa473ac22f964708c17c0855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 23 Mar 2023 22:37:24 GMT
x-served-at: Thu, 23 Mar 2023 23:17:49 GMT
etag: "1a54a889b4d2c67c2411bb0d9af473f8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3879
expires: Sun, 23 Apr 2023 23:17:49 GMT

GET
H2 200 chunk.5871.31c7af08.js Show response
widgets.media.sportradar.com/assets/js/ 8 KB
3 KB 48ms
48ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.5871.31c7af08.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c982fb8f9251405427409102a2d61a2e2172fef50b18abf183e7d5deebf42ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:44:46 GMT
etag: "7fec7d978e30bc583c1a19f722210edb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 2970
expires: Thu, 16 Mar 2023 03:44:46 GMT

GET
H2 200 chunk.69233.15fe205f.js Show response
widgets.media.sportradar.com/assets/js/ 29 KB
8 KB 52ms
52ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.69233.15fe205f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

93c270e3d09f2601438dd1066b9b017cbf846648cf7824dd434c20b64bd4311d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Fri, 24 Mar 2023 15:21:49 GMT
x-served-at: Fri, 24 Mar 2023 17:20:08 GMT
etag: "fe686814bc2c064f17e712f9fc7b97cd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 8005
expires: Mon, 24 Apr 2023 17:20:08 GMT

GET
H2 200 chunk.13040.76f77951.js Show response
widgets.media.sportradar.com/assets/js/ 45 KB
12 KB 55ms
55ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.13040.76f77951.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfe0921368b1900c399535b82f79911a027369bb65ccaa619f5a85067a475c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 23 Mar 2023 22:37:24 GMT
x-served-at: Thu, 23 Mar 2023 23:17:49 GMT
etag: "f48cd5b9c67127bc245cd22cb5bf70e3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 12064
expires: Sun, 23 Apr 2023 23:17:49 GMT

GET
H2 200 chunk.70689.8a75fb8f.js Show response
widgets.media.sportradar.com/assets/js/ 13 KB
4 KB 55ms
55ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.70689.8a75fb8f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f8f56a9c5d675cf42cfe6fb885c1c16058c3281059b1335cee14baa4ab491df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Wed, 08 Mar 2023 16:58:01 GMT
x-served-at: Mon, 13 Mar 2023 01:22:45 GMT
etag: "547e83aea16d9f6505d68c813bdf23d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3272
expires: Thu, 13 Apr 2023 01:22:45 GMT

GET
H2 200 chunk.83679.aafd3aa1.js Show response
widgets.media.sportradar.com/assets/js/ 27 KB
6 KB 46ms
46ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.83679.aafd3aa1.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 09:26:49 GMT
etag: "ef4b2e812247d35ae451639597ae1800"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 6245
expires: Thu, 16 Mar 2023 09:26:49 GMT

GET
H2 200 chunk.84814.724cf9ff.js Show response
widgets.media.sportradar.com/assets/js/ 17 KB
6 KB 52ms
52ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.84814.724cf9ff.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

306fcd66df6ecf9ae9b422f505b38f070f09f543d40d53a9eb7af806cbdf274a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Wed, 01 Mar 2023 20:30:20 GMT
x-served-at: Tue, 07 Mar 2023 09:31:21 GMT
etag: "f5f15f112020f745f3f67dece3002f15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5514
expires: Fri, 07 Apr 2023 09:31:21 GMT

GET
H2 200 chunk.95874.44a7e7c6.js Show response
widgets.media.sportradar.com/assets/js/ 25 KB
8 KB 46ms
46ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.95874.44a7e7c6.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3d6613aab2e0b0c074c485018837e7f44c0aa97b35178dee91b456d5f3744fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:44:34 GMT
etag: "d4c2807e1b48610aaf3c19abbeb97194"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 8330
expires: Thu, 16 Mar 2023 03:44:34 GMT

GET
H2 200 chunk.94135.f9946be8.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 52ms
52ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.94135.f9946be8.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e84241c754ae499317c9b231b08af54bd2aa760a567e3c1d95cf0b2b8f93a0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Tue, 07 Mar 2023 16:36:18 GMT
x-served-at: Tue, 07 Mar 2023 17:13:18 GMT
etag: "671c8ca3d2c93888427fd55c7c19023f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4092
expires: Fri, 07 Apr 2023 17:13:18 GMT

GET
H2 200 chunk.85559.99132082.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 45ms
44ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.85559.99132082.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

84242d07bd804b647a31c9378eb34602611bba456006cf71f02b35a58ffc03f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 23 Mar 2023 22:37:24 GMT
x-served-at: Thu, 23 Mar 2023 23:17:49 GMT
etag: "b206a99bb3267f5fe5f2a6835c5cc7a3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4256
expires: Sun, 23 Apr 2023 23:17:49 GMT

GET
H2 200 chunk.15133.d4037179.js Show response
widgets.media.sportradar.com/assets/js/ 9 KB
4 KB 45ms
44ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.15133.d4037179.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

461e00aa6587befefa9872b01e056554f6d10b6ac5cd486cd651149fe5d9b9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 23 Mar 2023 22:37:24 GMT
x-served-at: Thu, 23 Mar 2023 23:17:49 GMT
etag: "0211d6fe8be37345ebd245e8c32a852d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3516
expires: Sun, 23 Apr 2023 23:17:49 GMT

GET
H2 200 chunk.us.common.scoreTicker.2eb3136f.css
widgets.media.sportradar.com/assets/css/ 39 KB
5 KB 59ms
59ms Stylesheet
text/css 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.us.common.scoreTicker.2eb3136f.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

749a035f8cb91fb9b0bb07afd08659d854427ad0693b927061e77e7070968baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 23 Mar 2023 22:37:24 GMT
x-served-at: Thu, 23 Mar 2023 23:17:49 GMT
etag: "abfba0bc906d919c2cc0b763cd1af738"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4619
expires: Sun, 23 Apr 2023 23:17:49 GMT

GET
H2 200 chunk.us.common.scoreTicker.0b75b186.js Show response
widgets.media.sportradar.com/assets/js/ 165 KB
42 KB 49ms
48ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.us.common.scoreTicker.0b75b186.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22700556b3465dff1eb7af5d7982bd307b1f297c6e12c767e4441e4c8936dad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Thu, 23 Mar 2023 22:37:24 GMT
x-served-at: Thu, 23 Mar 2023 23:17:49 GMT
etag: "a45cc8146e3a3dc237b08e926a9f67c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 42873
expires: Sun, 23 Apr 2023 23:17:49 GMT

GET
H2 200 chunk.react.cd04a608.js Show response
widgets.media.sportradar.com/assets/js/ 129 KB
42 KB 54ms
54ms Script
application/javascript 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.react.cd04a608.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0161411eb07c7eed568cee35d72579fbcd42238678effbd461afaa6d1cdbb958

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Wed, 08 Mar 2023 16:58:01 GMT
x-served-at: Mon, 13 Mar 2023 01:22:02 GMT
etag: "c7bdd38c3252c749e884e2d30a454945"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 42582
expires: Thu, 13 Apr 2023 01:22:02 GMT

GET
H2 200 en_us.json Show response
widgets.media.sportradar.com/translations/ 107 KB
26 KB 81ms
21ms XHR
application/json 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1680253421966&h=0a85e093fc3d495c20cfc910a8752d45

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5ed4ad29cdc26075c1ee1f1725a614341bdefdc3d7c4f46584a30a30fbae932c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Fri, 31 Mar 2023 09:03:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5270400, stale-while-revalidate=604800, immutable
content-length: 26103

GET
H2 200 css Show response
widgets.media.sportradar.com/torontostar/ 37 KB
4 KB 182ms
122ms XHR
text/css 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
last-modified: Fri, 31 Mar 2023 09:03:55 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=30, stale-while-revalidate=60, immutable
accept-ranges: bytes
content-length: 4246

GET
H2 200 licensing Show response
widgets.media.sportradar.com/torontostar/ 12 KB
10 KB 194ms
134ms XHR
text/plain 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1315e0f4d14ae783cde42871fe304710c16ff8cdea5d31ba4916a6d644cfabb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:34 GMT
etag: "65b5adc8eba94c9b212a66e0db4b35c7"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=200, stale-while-revalidate=60, immutable
content-length: 9535

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 61ms
26ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 02 Apr 2023 22:10:34 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 74ms
26ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Apr 2023 22:10:34 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 57aee2f81cd9b6a14a02b7960b1684a9 Show response
z737.thestar.com/plugin/plugin/ 217 KB
48 KB 27ms
21ms Script
text/javascript 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugin/plugin/57aee2f81cd9b6a14a02b7960b1684a9

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

2448306051d3626ff8800e30cda8ff1d44b30f6343e361b3a65ca67549bcdcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 175796
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 48724
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:20:38 GMT
server: -
etag: 57aee2f81cd9b6a14a02b7960b1684a9
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 091xmxRMeKUq1NBdNMNVjz60SpWDnQi2AVzi53QTjHsPKbST-FS8EQ==
expires: Sat, 30 Mar 2024 21:20:38 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 8 KB
5 KB 480ms
419ms XHR
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e2ffffe3750006095cf806d4d74c2659ec0e369d29b3c9fd1834ec5ab4272b

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b1c67185f719174-FRA
expires: 0

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 60 B
546 B 399ms
389ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 62f777700ad7770a0736f98883f9836854f9cdbeb41fc2af810f42f63d32be1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 02 Apr 2023 22:10:35 GMT
ETag: W/"3c-TlFm120+kvM5XzgTcuZzzD9Ipf8"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 60
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1... Frame FF4A 124 KB
42 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1.O/am=oLkBAAE/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4KuKjP_O7JIYf_iyMrL5cDDGIB3w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/am=oLkBAAE/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6rVKD2lWNPJrQdHeMUDqFSPTaavA/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdee9ead34651f90eb8881765a6985f9a4b1991b10ca34ac3163d03ef6ef1d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42746
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:56:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 17:48:21 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1... Frame FF4A 17 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1.O/am=oLkBAAE/d=1/exm=COQbmf,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4KuKjP_O7JIYf_iyMrL5cDDGIB3w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2922b8e94b344cf6d86566936e5d5a369bb4f4e9a6eefd93a939e6c4c1fddf49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7318
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:56:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 17:49:06 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 6 KB
2 KB 205ms
205ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

94d9e5ef48e3ab454b4e21618558047eaa7d16e855c7a6020d38515a2a2f66c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1755-DWKjLgGICEpyGSa+Rp4aYCbBpOA"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: -AOUpqdwyNluGw4YKW4PntDk4_RVC96mgdSgxu34VDFUHctauRLFVg==

GET
H2 200 mdc.textfield.min.js Show response
z737.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 21ms
20ms Script
text/javascript 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 4212190
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Feb 2023 04:07:24 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: ne3lp4KzSaTl2pswHvLcgbL0A0xG-txPtxUDhygrmi4Y7TkaMd7nJg==
expires: Tue, 13 Feb 2024 04:07:24 GMT

GET
H2 200 user_agent.min.js Show response
z737.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/ 5 KB
2 KB 20ms
20ms Script
text/javascript 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/user_agent.min.js

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 21:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 4495040
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1274
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Feb 2023 21:33:14 GMT
server: -
etag: 333f52c72fdc4072c6c7950dab8f54f4
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: LPYb6ZOPadcfUUXbcijhZ80NpGL5xHIRd6Ptl4QGnAVY43cY1yhrDQ==
expires: Fri, 09 Feb 2024 21:33:14 GMT

GET
H2 200 3d5cf8dd983f31c972a945a469a0f671 Show response
z737.thestar.com/plugin/library/ 323 KB
100 KB 21ms
21ms Script
text/javascript 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugin/library/3d5cf8dd983f31c972a945a469a0f671

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

874e10980e11d7cad2d56c010f2966f85980aa037d1af07c45e988915fce37bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 175796
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 101345
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 21:20:38 GMT
server: -
etag: 3d5cf8dd983f31c972a945a469a0f671
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: cGNfiK6ZB50gV0vec4GFwpAshbJeaccOyPj1-t9usJHeCZaEgavWLg==
expires: Sat, 30 Mar 2024 21:20:38 GMT

POST
H2 200 LB-Zone-1 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/158/ 4 KB
2 KB 297ms
296ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/DG/DEFAULT/rest/rpc/158/LB-Zone-1?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=9cd8d860-f947-4f6f-b341-5be953c13fd4&overruleReferrer=&time=2023-04-02T22%3A10%3A34%2B00%3A00&ts=1680473434960

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

0edfbbfd3d479fc2f2e7d50a909c8bd81e158769fced7ee4bd400e9984d1a16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1164
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: ScaUSrUstfm0gFeyAjKwH_l75fUOCbIUxJt5KCrg0h74B6Y27SOkag==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
1 KB 207ms
207ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7f86051dede7c72c3eb1fcf1c99b5fb74fa2ed9ab211b8397f3351e78c68a9ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1392-9Jz2pqGG0rUG8x4pa/2D9886Th8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: 34R6UFIyaHBGkLvv5velu_EB6KHLHTP8j3itm14rU4o6hPmrzGSszg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 216ms
215ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9eb86c9033f937c3c20b310926eb81ed455236e64ac4955543cdc80ac9b80e83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"10cc-M1OKKDcTcRHfdN/43F8eeFU8RHU"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: PV9jWLmSw2c13dmC_f-sYZxF2dhGbSIz9_yvTo0Gn5TJ-GkMPGzzhQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 204ms
203ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

16750417552cc5aa4b790439bd91c0186fb17074fa08d112f5f5728407fc6656

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"21d3-sHupo6ulFg2eGAkG3eAlg87yEeI"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: uZzjg0Kt7Pj_uReJEhIIzdtTNlUz0BSLjYW7Z6yABSzUW3qafBZPtg==

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1... Frame FF4A 1 KB
736 B 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1.O/am=oLkBAAE/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4KuKjP_O7JIYf_iyMrL5cDDGIB3w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38bbd010c578bb5b15693574bd7c0cf217369f0074437e1d341d2a09484989f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 710
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:56:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 17:49:07 GMT

GET
H3 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1... Frame FF4A 14 KB
5 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1.O/am=oLkBAAE/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4KuKjP_O7JIYf_iyMrL5cDDGIB3w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b265b61574bf1761b2db94d79eb59458f2c43d108317ab6f8cdd5d920356663b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5091
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:56:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 17:48:21 GMT

POST
H2 200 log Show response
play.google.com/ Frame FF4A 131 B
579 B 122ms
32ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Apr 2023 22:10:35 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 206ms
206ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

c58e844e09964b214705c5a838adcfd1c729642dd35d1ad23b178359356292d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"216f-oYlAJAasYLtmalzORpTIZEloX4Y"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: ni8lAsx-Gk6tyb3aVukw2aODY-CElsH-3K6vhx-yQPdxBiayLq52HA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 10 KB
2 KB 207ms
207ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6d8c6c8a5fe5ee2d3e08dda4414955d1946bfaeeec2c89685090e460faa7124f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"267d-Fkyd7jxFjuHhursZdrikttbak2Y"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: 4pzsFT1P4syrQBgTO5YvBU8mqZI1I0MRZ9iLeWzBst3n8Ip2myEE8w==

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1008 B 77ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

646cef873dec3647bf86ff6b201d6bf51eb8e69b16ae46164d018ea61c9dd89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 22:10:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 22:10:35 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 18 KB
4 KB 204ms
203ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9b12275083323ceb51a146fe53c7a412e63aedbbf7a75d709f65b966dedd35bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"4845-62ptPjY/RfMnppfWigw+ARw6lqw"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: MtClymOxuJmlA4x6YpKm5gIaysrrNDiPZsz6tbnzsbVE5OecZVbF2Q==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 203ms
203ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

62520e2cfc3b6a866ece5333da7262406cf84c60eb22fac968fd431e7322bda7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"2142-WNL7Bq+e+i7e8X0D5L0bypGXDus"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: 4ZBK9x3guNZarKhiIChZI_NKpXU2N_dpLs6kzoqBKmL-g_j8lDul-Q==

GET
H2

200

MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

54 KB
54 KB

49ms
44ms

Font
font/woff2

108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca

Protocol

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:46:26 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8649
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: g9MhyH6TAXxXR8jTOEZOhi-8QsGTiM5FKsAMB_sCg149c6vi8aHfYw==

Redirect headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf
content-length: 0
x-amz-cf-id: jASWddhWQqdFK7t_vDenRQTwhV6t2rrOtGktNq9PhMGt2C2cPbdPvw==

GET
H2

200

MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

55 KB
56 KB

48ms
43ms

Font
font/woff2

108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca

Protocol

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:46:26 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8649
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: X8wAT08InltIdYqFcKrYznXVExJVxBBI1BFC6dGweUQJbe30mdq2iw==

Redirect headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf
content-length: 0
x-amz-cf-id: VzusWMo4MXbf9zG-St27rqiQUJib15Qf3o8OuNCpSWDNJhdfs1ZGgQ==

GET
H2

200

MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

53 KB
54 KB

40ms
35ms

Font
font/woff2

108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca

Protocol

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 19:46:26 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8649
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"d420-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: TXUxxOd3bz-6H77P9n7qoJvHs86zBmIxs0OQ7LgLNk2zCxF9-jkByw==

Redirect headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf
content-length: 0
x-amz-cf-id: -N-pCRwGlJiMcwkLiKy6oTQXPV_VJ0YhpqBukeTnUZfu5550358qOg==

GET
H2

200

TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/
Redirect Chain

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

18 KB
19 KB

47ms
41ms

Font
font/woff2

108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca

Protocol

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:18:14 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8176
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"4930-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: dSxxwXoIgKNOF4qdSFtmtKaXQplBZZvde-aCnT6f9ZRuVcovWmGeog==

Redirect headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf
content-length: 0
x-amz-cf-id: BfcqGh7iBhys2VLjyVSxyssOIrwsACv_2duzW_Z6MXmMMsWCA3HM2w==

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

37ms
32ms

Font
text/html

108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:08:19 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
age: 136
x-powered-by: Express
etag: W/"1cb58-6qUEDoTItoick0zRgGPArJ2SbrI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Error from cloudfront
cache-control: max-age=180
x-amz-cf-id: SbLJnaCg0zJ4CyqJ58VME0qgJx_xe39dQ__eXeCKgyiGa42p-XvUhg==

Redirect headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: Wgfyt9i2QI61eK4-YAnk-e0siNvvmHwzrwZxnWkamtZjwxoPu1w8qg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 27ms
26ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2089364244&t=pageview&_s=1&dl=%2F&dp=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACgAIAB~&jid=1412382619&gjid=1399915777&cid=978834447.1680473435&tid=UA-150212423-1&_gid=1286074072.1680473435&_r=1&_slc=1&cd9=season&cd14=(not%20set)&cd2=widgets&cd3=us.common.scoreTicker&cd4=1.0&cd101=(not%20set)&cd1=1&cd6=web&cd5=en_us&cd7=sr%3Acustomer%3A6666&cd107=default&cd108=default&cd8=sr%3Ahsalias%3Atorontostar&cd110=2.0.257%3A2023-03-31T09%3A03%3A57.934Z&cd23=null&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd12=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd18=(not%20set)&cd19=(not%20set)&cd20=(not%20set)&cd24=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd103=sr%3Abookmaker%3A129&z=2132352535

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 4 KB
2 KB 158ms
48ms XHR
application/json 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

f26c53d46132ac896e7be512309cebe924b2c961a2594d26c3df554989b6a3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:35 GMT
xip: 2001:1af8:4020:a034:9876::15
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-wbxwrnrz
content-length: 947
x-feeds-fv: feeds-prod-euc1-fvauto-07e7e9e3f2d61a117
last-modified: Sun, 02 Apr 2023 22:08:22 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web08
etag: W/"84f7a5d2a28f953cb18de27b649dea102b1afde5"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 275545019 279794578, 181746070
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 02 Apr 2023 22:13:22 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame FF4A 158 B
190 B 42ms
41ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-2557146140224433019&bl=boq_subscribewithgoogleclientserver_20230329.04_p0&hl=nl&soc-app=673&soc-platform=1&soc-device=1&_reqid=79836&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a40b0daed94f89fa6d569b4884fa3521ee227754264dfd6549e58d15a116c1f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
6 KB 207ms
204ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

64dc4e78f543d8c984247ec25d330249ba4270fe33c2cb95ea79a56b9ee94fdf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"15b1-2WnneEkih6w6Ba4fVGsFIWxEASU"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 5553
x-amz-cf-id: JrBRyMUiVlzgNy5-0Y71KWn0Dnc7ZjYEWz8ykvh9zvhKqppfKrOyhg==

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v22/ 35 KB
35 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:10:15 GMT
x-content-type-options: nosniff
age: 471620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35520
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:03:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 11:10:15 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
1 KB 210ms
205ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

2d5d97b2a9003f4d291cfb64f59deb637fd0760ada1e38f7763b3737dc797a4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1257-ncrluUwhZzkSMxW6HJsE4hcVY+I"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: Ur1NKp8AV8L6YQCgNOD01ZGdqrcuJgE76FGxZ3wpLHXyHRp6juSrqw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 206ms
204ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

2b64d7f63ad85faae72abe91b68f89018f6466a596b5d0a3d6d0dfafc36aa5e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1f5d-W+DZ0q95hb0oKLJY2eUEQVx0VUk"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: lMuiZ6s2qvOzwDHS4_FSqgbPCPFv5B-37a1-8odBTDxstBchS6YSDQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 204ms
203ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

17ae5e61f3df2b8eb6d2aa28ba2ecb28a920835140a88fe0b28081b2f517a1a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"f91-+VPxlBvnOckTDwngWkLZ8nnbJ78"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3985
x-amz-cf-id: uM51O4zVRf6xOskwp9Wxk8R8RKjMrj807h4QF0BnDJC2Kr9Sl0tBjg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
8 KB 204ms
204ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7b9d736296e51ab1b4f0bbc27a7278948475017df4c35b06fcced7712fcf6317

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1ef9-BiVP1twhPFwtpaY0oIEqioIFCrA"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 7929
x-amz-cf-id: j9QGvuMKSyKUosUTTWdBMEi4ipz00Yxn3qxGDt6BDmNuPt2nJWT5Ug==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
9 KB 204ms
204ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

07a42f786905c748c8088a19b66ec5041da9bdd610cc02c087a52b59b614c621

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"239f-8O8Cazzy7HMHpBPyxXkO5Vbi/IM"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 9119
x-amz-cf-id: VJSTYabdWsqfURhvTXL2WhLcxL1eoE44JvUXjoujmFwYwy1mFQKrFg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
8 KB 204ms
203ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d44a49e27debed71398d388de2d14fb737d8ca72eaaaf7bea5972fcecf499a17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1ecc-VCrzQRGS0w1c6m3uu5Q2V0pcYjM"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 7884
x-amz-cf-id: 0jQSMT3_O7Ent7PTFPzQ3hnFWSuGTEgIcwU9p7zfscGUrII7YrVdqg==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 32ms
31ms Font
font/woff2 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/bundle.css?v=d5cd10a3e1296fddc9ca
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:28:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 7012
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Mon, 06 Mar 2023 16:15:20 GMT
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-186b7b4b9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: Ms47XqbjCfgGIYZ1JqFw9ShsBCQZRR9K7sPo7NdgZcJofgtgu_octw==

GET
H3 200 m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1... Frame FF4A 107 KB
36 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.4wX7cTq2Rw0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Kl0ZhC-eRdA.L.B1.O/am=oLkBAAE/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4KuKjP_O7JIYf_iyMrL5cDDGIB3w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfadf5827cd1cb8e06f04baa71fb287f4194df6ded812db61040bcd79ae6389c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36783
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:56:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 17:48:21 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 296ms
296ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/DG/DEFAULT/rest/rpc/158?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=9cd8d860-f947-4f6f-b341-5be953c13fd4&bctempid=&overruleReferrer=&time=2023-04-02T22%3A10%3A35%2B00%3A00&ts=1680473435328

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

f0332a0c034778ac84cef0752adcb5097fbe7e360f5deadda3a7afd2198fe680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: xyvKbuw0zkYagnDJK2RBFKblvtFUkmCzjwq_Eb-JBRCvYfPCn8tUCQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 7 KB
3 KB 343ms
343ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

cd201d7d3584bcbe6340c8d6a50e3e39724b090cde1d20677c39b8e93fbcf8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2545
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: r63IIYMwO6vJsdJ15Xk_yBwAmYiqCIoDzF9ZMQ7GoR9TVEnsGpcZAA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 34 KB
9 KB 325ms
325ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

c8759e432ec027305e7dbcfd98ccc28c327469f0bb34bea55424d474acb559bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 8695
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: lt4rcGg8eBLA1Jtw2IzYv9J3uaSIvUZVkXagm0n7J1DkUkQK19gdbw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 67ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/plugin/plugin/57aee2f81cd9b6a14a02b7960b1684a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Apr 2023 22:10:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: utthcoRRY/OYNrlp41ch29sbtaFM9+9yqbMGY6GZLW3ORh4yh9jwLhIP2uCV0OVYrHF/0pXVLYmPKgypGxE70A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 324ms
322ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

c78e5e5aca54e87247679806332cb3e994bddc4ca1f1fb38cc418adace675677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 174
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: kHpDUVnsjRplDhrrhi4-icv2894onOcNZ3or_a6sUGNQCtIZ0C4GZA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
94 B 113ms
111ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=conversion_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2558&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=43&jsfv=nbc&ts=1680473435333&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q123_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
94 B 114ms
113ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=conversion_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2562&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=44&jsfv=nbc&ts=1680473435337&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q123_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 316ms
316ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

70383e4fdc8faf079a78f6ce018b11b368aaae873674fd036adf1ebcb80bbeb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 166
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: O3jEIZxmxmqsJMe74efzVqslproT8ZtiWsalMeNXvAo4X-v0JV3ocQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 17 KB
17 KB 205ms
205ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

2ef7b12077350a398a681fb54d6f69e80056e7fc6ea74118f52d203abdbe132e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"42f1-l2kuw6q5uKBd7a2PXS61ONw302E"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 17137
x-amz-cf-id: EH7kmdwVnOKGL6PGW2wUK_WoUVe-KvQ12FTuPvyUtjFgBsOLYiPTvA==

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
861 B 103ms
102ms Script
text/javascript 34.198.148.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=9cd8d860-f947-4f6f-b341-5be953c13fd4&&callback=bc_json160

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.148.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-148-95.compute-1.amazonaws.com

Software

- /

Resource Hash

678b8d521a3fdf0520fe91f03d02964b7d343cc9d2bd058bf5eb4efb3ecac029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 94839 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 32ms
32ms XHR
application/json 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/94839

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

3dddc83b0983fb7ba5f019e1afe0b461692519ff62f3c25f2302c49a4b7b984d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:35 GMT
xip: 2001:1af8:4020:a034:9876::15
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web5
content-length: 731
x-feeds-fv: feeds-prod-euc1-fvauto-07e7e9e3f2d61a117
last-modified: Sun, 02 Apr 2023 21:49:39 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra3
etag: W/"5a25d0133c4d1d9899ca73cdecbcd05781e21d39"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3596
x-varnish: 278173922 274877173, 173504421 175909847
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 02 Apr 2023 22:49:39 GMT

POST
H2 200 log Show response
play.google.com/ Frame FF4A 131 B
273 B 31ms
29ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Apr 2023 22:10:35 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 70ms
27ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 02 Apr 2023 22:10:35 GMT
expires: Sun, 02 Apr 2023 22:10:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FF4A 131 B
273 B 30ms
30ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Apr 2023 22:10:35 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 72ms
30ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 02 Apr 2023 22:10:35 GMT
expires: Sun, 02 Apr 2023 22:10:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FF4A 131 B
273 B 30ms
29ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Apr 2023 22:10:35 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 71ms
29ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 02 Apr 2023 22:10:35 GMT
expires: Sun, 02 Apr 2023 22:10:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FF4A 131 B
273 B 29ms
28ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Apr 2023 22:10:35 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 69ms
28ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 02 Apr 2023 22:10:35 GMT
expires: Sun, 02 Apr 2023 22:10:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 869 B
1 KB 114ms
113ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

c555183895342cf73bba93c0008e5a19100227e9451b3a9beda10ad75520db6a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"365-bx4sWy7xwp0kXkTyTcBf3xEzLtw"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 869
x-amz-cf-id: YlGow0uDzOpfYLLxoi0OqiTW5MLGA125_MGHp30oR7KjuUoff66zrg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 114ms
114ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

c3d2ef1ff7df915ce113c65a74b1ab59f37b543b2d4c9f8a1d27d82362bceb48

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"d91-ujj4/Ejv1+k/0jDfmjtCVf1C4zc"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3473
x-amz-cf-id: RicKGDtz9_KB3kVgjJr4mLEBye4I1uHHlbtOLJkKaSbpzia2Hj2LLg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
3 KB 204ms
204ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7808143042fbcd9c83e7317c8093f5591090459cfcfeed13def9b6692b4cb33d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"a0f-4b4BAWH/BnU9bjlWwtHCMwQ4Nhc"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2575
x-amz-cf-id: usXqGDCLakQR62E4MIhxeUQJfkFnyuu9PCTNXtRO021z0M8fXVX4qA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
3 KB 113ms
113ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

588a9a07b331ee9c0799fb916839b56e7a8da252cab3290b657a4c2858817f5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"a0a-Z01nvtlKReIQRZhGeSD0lyyaHiw"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2570
x-amz-cf-id: 2LBiLpFA8h_1wziJ8yYzaLnTquZ2phpqqHiKaNXeqqg_bTmVkvslmA==

GET
H2 200 94839 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 2 MB
224 KB 58ms
58ms XHR
application/json 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/94839

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

dc1a52ae86bac0357413c1b738deca92d18294554d10ee0311ef5a1bdf07e6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:35 GMT
xip: 2001:1af8:4020:a034:9876::15
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-narlgiqb
content-length: 228087
x-feeds-fv: feeds-prod-euc1-fvauto-07e7e9e3f2d61a117
last-modified: Sun, 02 Apr 2023 22:10:18 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web04
etag: W/"8e53a75c5e133fba838bc312ee72451fa6f5439b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
x-varnish: 277576817 282564999, 183044048 177445175
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 02 Apr 2023 22:10:38 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 39ms
39ms XHR
application/json 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

4ce6d6fd0629c86caa1f4aad713dd1de02aae611ed11a448b4f8eb5083b5f246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:35 GMT
xip: 2001:1af8:4020:a034:9876::15
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-dergvdbg
content-length: 608
x-feeds-fv: feeds-prod-euc1-fvauto-0069e52da2e2e1f3b
last-modified: Sun, 02 Apr 2023 22:09:03 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web02
etag: W/"7dde31dd32297aa495b950669f4969239ca09bac"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 309173314 308814659, 219588990 213891100
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 02 Apr 2023 22:14:03 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
5 KB 204ms
204ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6d5de546ffed976fe94294fdb2a9b2857cc269c075286ac7b3d15ca6de335ca8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"142c-HGhGuGNjniUi+ofvXiCAH21zXGA"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 5164
x-amz-cf-id: NiMj-rKVCTQJ-oZCq1Bau9ZsPfiJJmfi2SAhYCgqlxYTUpG5LAkVLQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 206ms
205ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7968d756ec269a914e5865fe0269c38a0be1961c483861687df9f30ab37e7323

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"6ce-ofafue4B6fqaBJ3MOj5OLNelYMg"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1742
x-amz-cf-id: ro8ffwMEFRg_IGoKK2r_ly6dGU_LQm3Os6xA-4AuhsvMcty7EbFmag==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
405 B 205ms
204ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: yiXvN_xpuPr-n9CPmlJWpmbbeyrPBLlP2BfNrMuZqsaP1Jh0TqhPxA==

GET
H2 200 549886031832745 Show response
connect.facebook.net/signals/config/ 514 KB
149 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a16f5391af83443ff5d7b7e037a679cef2799d3dbdd09a03df59b76589d3b7b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Apr 2023 22:10:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 152328
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7TQQgQ58s4L0414dYowJzAwiRTkqSTEGsDgxMdY4sWs+ZM43+zsY+I9siTOq0SuMZ4jE0fzK3mUXYec7AtP1mA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 events
events.kumulos.com/v1/app-installs/70025984-c6f4-4a81-b55c-5bdcda7355dc/ 0
0 70ms
69ms Fetch 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/70025984-c6f4-4a81-b55c-5bdcda7355dc/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
strict-transport-security: max-age=15552000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/70025984-c6f4-4a81-b55c-5bdcda7355dc/ Frame 0
0 147ms
35ms Preflight
text/html 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/70025984-c6f4-4a81-b55c-5bdcda7355dc/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Apr 2023 22:10:35 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 204 events
events.kumulos.com/v1/app-installs/70025984-c6f4-4a81-b55c-5bdcda7355dc/ 0
0 73ms
73ms Fetch 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/70025984-c6f4-4a81-b55c-5bdcda7355dc/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
strict-transport-security: max-age=15552000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/70025984-c6f4-4a81-b55c-5bdcda7355dc/ Frame 0
0 148ms
37ms Preflight
text/html 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/70025984-c6f4-4a81-b55c-5bdcda7355dc/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Apr 2023 22:10:35 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 102339 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 8 KB
3 KB 48ms
46ms XHR
application/json 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/102339

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

1ba9f269afa818236f6f7ae2662aea09bf37a19989439a2b1d305f96bb0fa9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:35 GMT
xip: 2001:1af8:4020:a034:9876::15
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web5
content-length: 2032
x-feeds-fv: feeds-prod-euc1-fvauto-06dc1413df658b8f6
last-modified: Sun, 02 Apr 2023 22:10:17 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra1
etag: W/"001fcb8da92f2d6eb6a6ed39d71cfee22a2c878a"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
x-varnish: 281291858 282956601, 296444114 285277930
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 02 Apr 2023 22:10:37 GMT

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 30 B
94 B 35ms
35ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
content-type: application/json

GET
H/1.1 200
OK / Show response
p1.parsely.com/plogger/ 43 B
257 B 137ms
30ms Fetch
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.parsely.com/plogger/?rand=1680473435572&plid=70438862&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2241585824449261794674025791074806440877%22%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1680473434729&slts=0&date=Sun+Apr+02+2023+22%3A10%3A35+GMT%2B0000+(GMT)&action=heartbeat&inc=1&tt=803&u=pid%3D6bc4a2b7221a19a8b0a3834ec60cafe1
Requested by: Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/thestar.com/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 22:10:35 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 02-Apr-2023 22:10:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 23ms
21ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:09:49 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
age: 46
x-powered-by: Express
etag: W/"2c58-On6xrYp0/du6eGARnnYHeUEyBMw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: AURsTCcRhQuW8zHW2gwUYoNw0g-sbRrtxBqViHzdZA-iL0FbRgmiNw==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 132ms
29ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1680473435579&plid=70438862&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2241585824449261794674025791074806440877%22%2C%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22heartbeat%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10416%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1680473434729&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Sun+Apr+02+2023+22%3A10%3A35+GMT%2B0000+(GMT)&action=_scroll&u=pid%3D6bc4a2b7221a19a8b0a3834ec60cafe1
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 22:10:35 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 02-Apr-2023 22:10:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 133ms
30ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1680473435580&plid=70438862&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2241585824449261794674025791074806440877%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10416%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1680473434729&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Sun+Apr+02+2023+22%3A10%3A35+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=10304340&u=pid%3D6bc4a2b7221a19a8b0a3834ec60cafe1
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 22:10:35 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 02-Apr-2023 22:10:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 silicon_valley_bank.jpg
images.thestar.com/acvN7I6OKpFsz7iyl5Vda_d0v_U=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/04/02/banking-crisis-leaves-an-over-leveraged-wo... 36 KB
37 KB 23ms
22ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/acvN7I6OKpFsz7iyl5Vda_d0v_U=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/04/02/banking-crisis-leaves-an-over-leveraged-world-flirting-with-a-doom-loop/silicon_valley_bank.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 11570ed3f3f81b02caa26113e1aeb70953cafc5787ef19a12044171d8f7e137b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 16:01:49 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 22126
etag: "6cf3b2a99d40dd282cb39f5a86395aa11b9e7f84"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 37182
x-amz-cf-id: ED-A_XEYlwtnSQf22nlsDFx8w2YVx7dhnQ8enhR2ctnyobZouyIOoQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 timon_schneider_dreamstime_gan_sytems.jpg
images.thestar.com/whg2rbxTIfyhXXLHyujhY8L3_jY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/04/02/canada-needs-to-focus-on-microchips-to-bec... 17 KB
18 KB 24ms
23ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/whg2rbxTIfyhXXLHyujhY8L3_jY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/04/02/canada-needs-to-focus-on-microchips-to-become-a-global-tech-leader/timon_schneider_dreamstime_gan_sytems.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 01cce77fdc05165e7d05a2769097acdbaec7aba8f7a7deeb9767b244f1383979

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 13:02:34 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 32881
etag: "69ed800184f279f03d45a4de8ee38b849986be0f"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 17590
x-amz-cf-id: gfcgPMsGq3Bvp1m9l4bDo4wwqS8XNPRM17ATB0YdGbGhaHex-S-UwQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
49 B 115ms
114ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2827&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=46&jsfv=nbc&ts=1680473435601&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=2825&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2F2023%2F04%2F02%2Fbanking-crisis-leaves-an-over-leveraged-world-flirting-with-a-doom-loop.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2F2023%2F04%2F02%2Fcanada-needs-to-focus-on-microchips-to-become-a-global-tech-leader.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2F2023%2F04%2F02%2Fcanada-lacks-productivity-maybe-its-the-bank-of-canada-inflation-fighting-policies-that-are-at-fault.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2023%2F04%2F02%2Fbanks-face-rising-shareholder-pressure-through-climate-resolutions-as-agms-loom.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 stephen_harper.jpg
images.thestar.com/pzdkVzcCKj1c089vGOnb6gfJVw0=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/04/01/there-were-two-stephen-harpers-a... 17 KB
18 KB 23ms
22ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/pzdkVzcCKj1c089vGOnb6gfJVw0=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/04/01/there-were-two-stephen-harpers-and-pierre-poilievre-is-getting-advice-from-the-wrong-one/stephen_harper.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fd7bfbb6a7fb06e05f63465a4cc276f31712c673678ce792bac7ab605d2c0e7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 11:04:47 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 126348
etag: "3908bff7e0ffc0d8073e4bff8c3c45ed8ea8e215"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 17784
x-amz-cf-id: ZZxeLEybMzb30cbecbEYGpUfAcV8x6KviirmpN1RJs3LxLdNx_P12g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
49 B 116ms
115ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2869&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=52&jsfv=nbc&ts=1680473435644&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=2869&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F04%2F01%2Fthere-were-two-stephen-harpers-and-pierre-poilievre-is-getting-advice-from-the-wrong-one.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2023%2F03%2F31%2Fmpp-michael-mantha-ejected-from-ndp-caucus-over-misconduct-allegations.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2023%2F03%2F30%2Fdoug-ford-calls-federal-environment-minister-a-real-piece-of-work.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F04%2F01%2Fdid-the-federal-budget-lay-the-groundwork-for-a-liberal-ndp-coalition.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2023%2F03%2F29%2Fbattle-of-the-bottle-how-canadas-alcohol-industry-got-the-trudeau-government-to-scale-back-a-tax-increase.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2023%2F03%2F31%2Fformer-conservative-leader-erin-otoole-quitting-federal-politics.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 41585824449261794674025791074806440877 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
430 B 313ms
313ms XHR
application/json 13.32.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/41585824449261794674025791074806440877
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-9.fra60.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amzn-trace-id: Root=1-6429fd5c-130373dc21471d27270f2274;Sampled=0;lineage=ec555b06:0
x-amzn-requestid: d6e055d9-5178-48aa-a2be-3f7dcf89cd49
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: CxSGdGSkoAMFZZQ=
content-length: 51
x-amz-cf-id: CWSa9vigGunVjxzDtSi1B_sij5-ABhU0QvBHcWjh2S9AHtCcbB4GRA==

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
49 B 113ms
113ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2877&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=54&jsfv=nbc&ts=1680473435652&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=2877&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2F2023%2F04%2F02%2Fthese-simple-habits-can-reduce-your-risk-of-developing-dementia.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F04%2F01%2Fmy-wife-and-her-best-friend-are-both-ceos-but-the-disrespect-shown-to-them-makes-my-blood-boil-can-i-help-ask-lisi.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F03%2F30%2Fmy-sister-pretends-she-didnt-marry-for-money-but-i-know-the-truth-and-it-really-bugs-me-ask-lisi.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

OPTIONS
H2 200 41585824449261794674025791074806440877
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 383ms
293ms Preflight
application/json 13.32.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/41585824449261794674025791074806440877
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-9.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-apigw-id: CxSGaEqwoAMFqIQ=
x-amz-cf-id: dZywQYG42iXzYxWipUBejGYMe6DDpQO_SyiMFel4lzR7ufxaBkFDwQ==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 43466440-7ecb-411f-95cc-dcb972d74d3a
x-cache: Miss from cloudfront

GET
H2 200 3677.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 141ms
46ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3677.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0341e57ee6cfebcbb
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1b1f"
content-type: image/png
x-varnish: 63397887
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6943
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3695.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 117ms
22ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3695.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

aa5b8f27efd753425650bc628c3d46d0d5025bdb9b66b20b5c1c3f9f7c1a18f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b9-169c"
content-type: image/png
x-varnish: 62062675 61144802
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5788
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3700.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 118ms
23ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3700.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0341e57ee6cfebcbb
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b9-1788"
content-type: image/png
x-varnish: 62833032 62827960
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6024
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3683.png
img.sportradar.com/ls/crest/medium/ 7 KB
8 KB 133ms
39ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3683.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1dd7"
content-type: image/png
x-varnish: 63148167 62643178
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7639
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3704.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 137ms
42ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3704.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5019e40a161c71cbf4fc8b1fc0a1809456b3cfc7fc93eadaf7b374cdb0cb9c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b9-1744"
content-type: image/png
x-varnish: 61979189 58287265
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5956
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3681.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 138ms
44ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3681.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1b03"
content-type: image/png
x-varnish: 349473031 349472146
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6915
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3684.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 54ms
49ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3684.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

282d282212de3d1a0a5c509b47b188e2a6bdc365daab73a3782ed6c6295c4805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-12ed"
content-type: image/png
x-varnish: 62773992 62868119
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4845
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3682.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 44ms
40ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3682.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d21cdd2d2f8a1dad3f6e38a8fef966c2695eea4140b6445372215c156751fd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1c77"
content-type: image/png
x-varnish: 62640843 62018096
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7287
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3696.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 55ms
51ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3696.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1327"
content-type: image/png
x-varnish: 64606892 64317211
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4903
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3698.png
img.sportradar.com/ls/crest/medium/ 10 KB
10 KB 58ms
54ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3698.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fa94fbaa578830445a67c013ef7c5fa47cd7a5e7ae96da6acef038ed86629e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Fri, 15 Oct 2021 14:50:01 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "61699519-27cc"
content-type: image/png
x-varnish: 59487482 59770865
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10188
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3689.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 74ms
70ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3689.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-17cf"
content-type: image/png
x-varnish: 62592187 63331465
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6095
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 344158.png
img.sportradar.com/ls/crest/medium/ 4 KB
5 KB 76ms
72ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/344158.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4b4755891f4348259eb539dc24de8619237f19734d0e34f8ffe73ae3d4a8e93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:47 GMT
x-srv: fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b7-1108"
content-type: image/png
x-varnish: 64002658 63033864
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4360
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3675.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 75ms
71ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3675.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

079e1954d6a209a39d6f85006b4059af195a1b183d84ce680d334b3f2eed7f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0341e57ee6cfebcbb
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-18e5"
content-type: image/png
x-varnish: 63622146 63206845
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6373
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3686.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 58ms
54ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3686.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0341e57ee6cfebcbb
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1af6"
content-type: image/png
x-varnish: 63742564 63645563
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6902
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3688.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 57ms
53ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3688.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e69846be1be704e8c2324dc7ca9e439a496a67d203a9322f1d2ab7ca5031f001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1645"
content-type: image/png
x-varnish: 63608826 63391588
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5701
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 794340.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 69ms
65ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/794340.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Thu, 23 Sep 2021 14:22:12 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web2
etag: "614c8d94-1299"
content-type: image/png
x-varnish: 356188277 355437273
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4761
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3701.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 77ms
73ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3701.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3644264a33465399ca76bee9a04de8fdd50aec96e77a27c08492b360f6922213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b9-1a3b"
content-type: image/png
x-varnish: 355307659 352628947
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6715
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3691.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 54ms
50ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3691.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1391055c5b722a3da6707ead294507ace2df3db7891cccb53a94441f794fd33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1323"
content-type: image/png
x-varnish: 58232112 58231436
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4899
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3703.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 66ms
62ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3703.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3db3fdae0e2be13c8acc57ed679246d27616e65d48bc7f2b050b21076a13c452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b9-1c84"
content-type: image/png
x-varnish: 61765060 62442626
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7300
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3680.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 68ms
64ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3680.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

306a5803d8d3c092d2c56e3e4351171230585330e43ce1862b80f0901e58db3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0341e57ee6cfebcbb
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-181e"
content-type: image/png
x-varnish: 62260294 62092368
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6174
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3699.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 57ms
54ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3699.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0341e57ee6cfebcbb
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1257"
content-type: image/png
x-varnish: 61678892 59993032
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4695
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3697.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 72ms
69ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3697.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2b226e5d93065073bd670913a90719666f054e802a7449f347f9368c40a13d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0341e57ee6cfebcbb
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1204"
content-type: image/png
x-varnish: 61749192 61618767
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4612
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3676.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 78ms
74ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3676.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0341e57ee6cfebcbb
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1707"
content-type: image/png
x-varnish: 63557995 63835281
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5895
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3685.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 70ms
66ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3685.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1a3b"
content-type: image/png
x-varnish: 62596413 62851944
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6715
expires: Mon, 03 Apr 2023 22:10:35 GMT

GET
H2 200 3693.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 79ms
75ms Image
image/png 2a02:26f0:6c00::210:bb39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3693.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 22:10:35 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-198d"
content-type: image/png
x-varnish: 354998468 354714810
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6541
expires: Mon, 03 Apr 2023 22:10:35 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 387ms
386ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

e0cb7b9d74668fc8d5b47eff0049820ed5ec690cb021d9144136666a2d8450cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: PXQBa2fN2SmE_qmiExIP3MHes-c91F2u0igHqLF9rygejslu7l2gyg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 386ms
386ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

14314c968e3337c554c4ff9a88d0dfd0bf7d9e54061c41b7f5622705da2931ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: cOK31Oriuf9Nft139RTu7_IVRElvRsrx6UpC0JRTcUvk_2eRjbS6XA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 434ms
434ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

9bef2545e0d85e8741a578c389a2e56bf3c4206c54585a78f5e43b219874b1d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: xRRsTnZnzPmCyEUloXkPnPJdpXVQvPVNTS39IkDsIPyn3DieQD7PWA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
49 B 114ms
113ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2974&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=57&jsfv=nbc&ts=1680473435749&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=2974&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2F2023%2F03%2F29%2Fkeanu-reeves-on-growing-up-in-toronto-getting-kicked-out-of-high-school-and-being-asked-to-change-his-ethnic-name.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2023%2F03%2F31%2Fblack-blue-bring-on-the-seafood-towers-and-kobe-cuts-theres-a-new-steak-house-in-toronto-and-emad-yacoubs-at-the-heart-of-it.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2023%2F03%2F29%2Felon-musk-steve-wozniak-and-more-than-1000-experts-sign-a-letter-with-a-dire-warning-about-artificial-intelligence.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 toaster_v3.css
z737.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/ 1 KB
1018 B 21ms
20ms Stylesheet
text/css 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/toaster_v3.css

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/plugin/plugin/57aee2f81cd9b6a14a02b7960b1684a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 15513069
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 485
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Oct 2022 08:59:26 GMT
server: -
etag: c6066030d2b28fbf58f4c7c3d8e5b9b0
content-type: text/css; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6MGpRG6olHmrSWgLGw-I6MVIqfeZIFMNWjhrFuLzCNzVtnGIBP5dtA==
expires: Thu, 05 Oct 2023 08:59:26 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
49 B 113ms
113ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2989&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=61&jsfv=nbc&ts=1680473435764&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=2988&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2F2023%2F04%2F02%2Fthese-simple-habits-can-reduce-your-risk-of-developing-dementia.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F04%2F01%2Fthere-were-two-stephen-harpers-and-pierre-poilievre-is-getting-advice-from-the-wrong-one.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fopinion%2F2023%2F04%2F01%2Fits-the-perfect-time-for-the-maple-leafs-to-embrace-the-mystery-of-matthew-knies.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2F2023%2F04%2F02%2Fbanking-crisis-leaves-an-over-leveraged-world-flirting-with-a-doom-loop.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F04%2F01%2Fmy-wife-and-her-best-friend-are-both-ceos-but-the-disrespect-shown-to-them-makes-my-blood-boil-can-i-help-ask-lisi.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F03%2F10%2Fmy-son-in-law-threatened-me-and-didnt-apologize-how-do-i-handle-this-ask-ellie.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
49 B 113ms
113ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3010&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=69&jsfv=nbc&ts=1680473435785&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=3009&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fdoug_smiths_sports_blog%2F2023%2F04%2F02%2Fye-olde-mailbag-whats-going-on-between-the-raptors-and-nick-nurse.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2F2023%2F04%2F01%2Fblue-jays-kevin-gausman-finds-a-change-of-luck-isnt-in-the-cards.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2F2023%2F04%2F02%2Fgorman-hits-2-homers-in-st-louis-9-4-win-over-toronto.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2F2023%2F04%2F02%2Fcurveball-alarm-type-sound-interrupts-remote-radio-broadcast-of-blue-jays-game.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2Fncaa%2F2023%2F04%2F02%2Fno-shoe-in-miamis-pack-benched-for-time-after-shoe-blowout.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsoccer%2F2023%2F04%2F02%2Fwillock-wilson-goals-earn-newcastle-2-0-win-over-man-united.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2F2023%2F04%2F01%2Fcanadas-summer-mcintosh-sets-2nd-world-record-in-5-days.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2F2023%2F04%2F02%2Fraptors-inch-closer-to-securing-spot-in-play-in-tournament.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 _1_dementia.jpg
images.thestar.com/Tj2cWI_7gQEVDyyPFeMhwK0TZrU=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/2023/04/02/these-simple-habits-can-reduce-your-risk-of-developing... 2 KB
3 KB 23ms
20ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Tj2cWI_7gQEVDyyPFeMhwK0TZrU=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/2023/04/02/these-simple-habits-can-reduce-your-risk-of-developing-dementia/_1_dementia.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ac5d44354f62e5757b75abf2e319b4e0097d6444761931bc9bac3718662de503

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 11:09:45 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 39650
etag: "229ef0a176119b49b3e1d7b8e65325d1b406e5b2"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2296
x-amz-cf-id: kuQiyd12PkmQDME6TAWjM7NRPl61nZFZidLtTLGyvztKD3QyiENEfQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stephen_harper.jpg
images.thestar.com/v6TdQpCItZ3G1gHZNOfFtu0T6y8=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/04/01/there-were-two-stephen-harpers-a... 3 KB
3 KB 25ms
22ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/v6TdQpCItZ3G1gHZNOfFtu0T6y8=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/04/01/there-were-two-stephen-harpers-and-pierre-poilievre-is-getting-advice-from-the-wrong-one/stephen_harper.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d7f00ce89b3fcf2a99342796be029e2522c1d9b2df0c979430973d31c5c28440

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 11:04:55 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 126340
etag: "2e788407b66cd44cf7fc6f9f36d3f64f4af66bdf"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2700
x-amz-cf-id: 9r5CdoDMVhaI_apLkgk93TMxgcWqKCKMZYV2goNIYA4MdCFcYHL1bQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 matthew_knies.jpg
images.thestar.com/Jug9HvjyMvxXV8LYNLOrKzJ4enE=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/hockey/opinion/2023/04/01/its-the-perfect-time-for... 3 KB
3 KB 25ms
22ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Jug9HvjyMvxXV8LYNLOrKzJ4enE=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/hockey/opinion/2023/04/01/its-the-perfect-time-for-the-maple-leafs-to-embrace-the-mystery-of-matthew-knies/matthew_knies.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 71eb3c4c4c77f1592680534b5ecee01acab75bebe24c941dbd448a7506df8058

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 23:38:54 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 81101
etag: "49a089b8d940d5d32ab75f8ed57c810d30e77bed"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2756
x-amz-cf-id: vt8pIv4Vd6WyRbtBnUmSAox_tHHQcSq2tqI_0TyYjGtmZWLxd4YpVQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 silicon_valley_bank.jpg
images.thestar.com/IxlnfAqyrFpDkbnq8qNsbZ-oFAk=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/04/02/banking-crisis-leaves-an-over-leveraged-wo... 3 KB
3 KB 25ms
23ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/IxlnfAqyrFpDkbnq8qNsbZ-oFAk=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/04/02/banking-crisis-leaves-an-over-leveraged-world-flirting-with-a-doom-loop/silicon_valley_bank.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b74504106936db61dbe6f2f7fd27f17deaa5e56e6b5023706d82bf6d6022b3b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 17:16:46 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 17629
etag: "26127c4112cc3280cd4774b504ff6ac54f68a857"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2624
x-amz-cf-id: R2BWrUP_-LixV-FRhik1FpB_1Tb8xj2Y8i5GbRzpmVuHS_2u7656xw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pics0010.jpg
images.thestar.com/B4GL6XXVFOiVyHHU5UV0To3kioE=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/04/01/my-wife-and-her-best-friend-are-b... 3 KB
3 KB 25ms
23ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/B4GL6XXVFOiVyHHU5UV0To3kioE=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/04/01/my-wife-and-her-best-friend-are-both-ceos-but-the-disrespect-shown-to-them-makes-my-blood-boil-can-i-help-ask-lisi/pics0010.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b9be933f76eee1c4bfe2b9a0e6719b32a5bdce5a4bc15601aea168e20e13a30a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 10:37:44 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 127971
etag: "d4fde0e7a94d0b737ef7310328fc04c557ca9eb4"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2930
x-amz-cf-id: 9yMjFlL91wy9qcm-wAEUD_f7j9t_qtnUCGWlp1UOLGwKrtexPFQipw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rl_ellie_20.jpg
images.thestar.com/KbQMmQlDTlRCMN0r2Xq2TYMrBhs=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/03/10/my-son-in-law-threatened-me-and-d... 26 KB
27 KB 28ms
27ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/KbQMmQlDTlRCMN0r2Xq2TYMrBhs=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/03/10/my-son-in-law-threatened-me-and-didnt-apologize-how-do-i-handle-this-ask-ellie/rl_ellie_20.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 113bae72ef4a6654f06e31331f8e5d8c5706c8a1d8dea318d832bde7b71e5dd8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 13:03:59 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 205596
etag: "bb8cd3028a480ab29ed64cca97acd1c05b9d0610"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 27086
x-amz-cf-id: wcPVgSseeCOdKiL0eGrnwgVo6gjCH4m9leUE2ETQ2sWeCccrsddp2g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
3 KB 115ms
114ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5d1e9e112e4c8e32f2a73938919c2b27641fab77266e2b0d7b4f3f19dad2708c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"9fb-cGSeNLi54A2xLhijYwvIN50emRI"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2555
x-amz-cf-id: 1DqxZoPFb-HpqgEAX1FGNNEO9a-2HoqXhtLKC_IfPjxXxwn1-OJG1w==

GET
H2 200 rl_ellie_20.jpg
images.thestar.com/7YgTGdlC8obJSZiAJFcwT76cxmA=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/03/10/my-son-in-law-threatened-me-and-d... 2 KB
3 KB 27ms
24ms Image
image/webp 13.225.78.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/7YgTGdlC8obJSZiAJFcwT76cxmA=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/03/10/my-son-in-law-threatened-me-and-didnt-apologize-how-do-i-handle-this-ask-ellie/rl_ellie_20.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-98.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c08cb8a1586d5c0d3fab3842f33f35910888ba571f399fa1115dd5973bc4303d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 07:25:02 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 139533
etag: "68b05bffdeff433c5bd0c56f3ae76aff4a44c6fb"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2518
x-amz-cf-id: U1ClsD4r1LUu-ffoFKmMu5Bcwln4H2TmzBQdgbr9lT4OyHVzdl9_Yg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
49 B 117ms
115ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3073&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=75&jsfv=nbc&ts=1680473435847&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=3072&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F04%2F02%2Fnew-york-city-of-trumps-dreams-delivers-his-comeuppance.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fmiddleeast%2F2023%2F04%2F02%2Fisraeli-government-advances-ben-gvirs-national-guard-force.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2023%2F04%2F02%2Fthe-us-leads-the-world-in-weather-catastrophes-heres-why.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2F2023%2F04%2F02%2Fukrainian-official-offers-plan-for-a-crimea-without-russia.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F04%2F02%2Fus-midwest-south-reel-from-pack-of-tornadoes-that-killed-26.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2F2023%2F04%2F02%2Fpoland-marches-defend-john-paul-ii-from-abuse-cover-up-claim.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:35 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 34544397 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 6 KB
3 KB 68ms
68ms XHR
application/json 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34544397

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

b575aeef71b681f100ae2cc7ed084dccc419c1eeb4c59ddf08f039d04c8a95d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:35 GMT
xip: 2001:1af8:4020:a034:9876::15
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web5
content-length: 2150
x-feeds-fv: feeds-prod-euc1-fvauto-07e7e9e3f2d61a117
last-modified: Sun, 02 Apr 2023 22:10:32 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra1
etag: W/"fd9e0dfa9ccc4e3781fee3c2eb24c7bc40b2ecd1"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=6
x-varnish: 308801965, 152167260
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language

GET
H2 200 34544401 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 6 KB
3 KB 35ms
35ms XHR
application/json 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34544401

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

153372001ed3dce07a722948d11ac1554caea26087cc4272fae1d2a7027083af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:35 GMT
xip: 2001:1af8:4020:a034:9876::15
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-narlgiqb
content-length: 2061
x-feeds-fv: feeds-prod-euc1-fvauto-0ccb798946199c3b8
last-modified: Sun, 02 Apr 2023 22:10:21 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web04
etag: W/"177cf34ddff118aaf20cbeb2c1b4b91c54bd454b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3
x-varnish: 286402373 284997209, 236379448 239269767
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language

GET
H2 200 34544383 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 6 KB
3 KB 33ms
33ms XHR
application/json 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34544383

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

fe60ef74644ae7c65f7491c33b579034a07d821ac49196441b7f5de0e66f7192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:35 GMT
xip: 2001:1af8:4020:a034:9876::15
x-srv: fishnet-prod-feedsbackvar08
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-iyofnzoo
content-length: 2123
x-feeds-fv: feeds-prod-euc1-fvauto-0cd04ec7730bcd85c
last-modified: Sun, 02 Apr 2023 21:04:46 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web15
etag: W/"5a4c6df7596aa4293ccfa0c3381cc4dd8bd61e9d"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 302494668 296940343, 585316620 569648875
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 03 Apr 2023 00:04:46 GMT

GET
H2 200 close.png
z737.thestar.com/rest/dialogues/files/196f0b70-9f50-49c7-8e23-29ba76b99342/ 225 B
731 B 21ms
20ms Image
image/png 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z737.thestar.com/rest/dialogues/files/196f0b70-9f50-49c7-8e23-29ba76b99342/close.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

a52376c24089ca091a0bcaeed02d6d76a0437da4920649c73168185167180399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:00:02 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 10116633
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 225
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Dec 2022 20:00:02 GMT
server: -
etag: 78c046295f4be9f49abee490a3f879b8
content-type: image/png
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: Bmqg49Vilnkb5MK6w6q4kUdEFkSwGjneIqzyBgIYh4wDOo8loW4Wow==
expires: Wed, 06 Dec 2023 20:00:02 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 914 B
901 B 80ms
30ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onCaptchaScriptLoad&render=explicit

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98b87dda3916addb47464ca89c528b9b4224c6b16a979c7b970c572d0405b8b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 1; mode=block
expires: Sun, 02 Apr 2023 22:10:35 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/ 35 B
49 B 115ms
115ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/e0e2e504-3ef1-448c-b2f1-8985e76b1783/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3165&blst=943&ist=1799&iet=1803&bdst=943&bdet=1204&bcttt=78&jsfv=nbc&ts=1680473435940&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=e0e2e504-3ef1-448c-b2f1-8985e76b1783&sid=3b10e5c0-a5fc-442d-930c-20ae067d4152&pvid=35835082-d6a9-4b87-990e-44b85d004343&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F111.0.5563.146+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=3164&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F03%2F30%2Fquebec-pedophile-hunters-face-child-pornography-distribution-charges.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F04%2F01%2Fhow-this-canadian-doctor-became-the-wayne-gretzky-of-vasectomies-and-why-he-stopped.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F04%2F01%2Fknife-attack-on-surrey-bc-bus-leaves-man-with-life-threatening-injuries.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F04%2F01%2Fif-only-my-left-hand-knew-what-my-right-used-to-do-my-simple-tasks-have-become-complex-manoeuvres.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F03%2F29%2Fquebec-police-conduct-anti-drug-trafficking-raids-targeting-hells-angels-mafia.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F03%2F27%2Fquebec-girl-9-dies-after-snow-fort-collapses-behind-residence.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F03%2F30%2Fwhat-nova-scotias-mass-casualty-commission-said-about-treatment-of-gunmans-spouse-lisa-banfield.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:36 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ 408 KB
163 KB 62ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onCaptchaScriptLoad&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd6c59c43d25ea7d61764d099e8c795d2c84cdd5f0fe84ba63acdb55f7f230fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Origin: https://www.thestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167301
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 10:10:18 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 20ms
20ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 72b760a716cb02fb4904c85240ec864c239cc2b3bc7b0c9be3f50d070033758d

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H2 200 b
engagefront.theweathernetwork.com/x/ 42 B
309 B 202ms
107ms Image
image/gif 34.120.23.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engagefront.theweathernetwork.com/x/b?data=%7B%22advertiser_org_id%22%3A%2261731269aabe2aa0d6cf5785%22%2C%22event_name%22%3A%2249695385_45a9_4217_b0c5_58934bb70a35%22%2C%22subevent%22%3A%2278386%2C79131%22%7D
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.23.120.34.bc.googleusercontent.com
Software: TornadoServer/4.2 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
via: 1.1 google
server: TornadoServer/4.2
etag: "d5fceb6532643d0d84ffe09c40c481ecdf59e15a"
p3p: policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type: image/gif
cache-control: max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Sun, 02 Apr 2023 22:10:36 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 387ms
387ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

22a991c737f9f02ef489c41825ba85022cf36574369766409551038d294746c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 151
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: f_b2Hw3fNYhkegbOdBvM8ROlFCv664EllmWenvNEBUiNTyTKRSsPdA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 34B9 48 KB
27 KB 43ms
42ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bh6sccojlwzj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

499fd1c626a52d546f96ff61cdad02d4d42522bfa64e853806636070287ef3b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Oe3oJ88xIqooTPiHdsrKCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27029
content-security-policy: script-src 'report-sample' 'nonce-Oe3oJ88xIqooTPiHdsrKCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 34B9 55 KB
24 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bh6sccojlwzj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 23:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 23:25:38 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 34B9 408 KB
163 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd6c59c43d25ea7d61764d099e8c795d2c84cdd5f0fe84ba63acdb55f7f230fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167301
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 10:10:18 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 34B9 102 B
134 B 31ms
30ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e79c000b9803a2cfa05dbdae228cd50e2a13489d28727c701caa006ff3a2546

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bh6sccojlwzj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 02 Apr 2023 22:10:36 GMT

GET
H2 200 B24540798.279406836;sz=1x2;ord=414773084462 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 35 KB
14 KB 53ms
53ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414773084462?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

bf445235a6bafdc2c7bfc76a7566dee3449c985ac2902123bfe57cd7685a00c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66f40f85eb7ccd6cb46884f2edca8b7bf2ed15dc79a7b57358d0a4b9ae6b3e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40993
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Apr 2023 22:10:36 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame BDB2 7 KB
1 KB 33ms
32ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9aab72897b7088cf44e1ef24caf460a004c1bcbf178af8887ac2e2b8f5532c81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5C3oqu1NRWn3qdeFdzerkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1119
content-security-policy: script-src 'report-sample' 'nonce-5C3oqu1NRWn3qdeFdzerkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 default Show response
www.thestar.com/api/overlaydatarule/ 74 KB
13 KB 22ms
21ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/default

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f32bfe6fbdb7ee9d2378e9ca8155f15d531ecbcd8520bbf1372663178dbf1fb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:09:50 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
age: 46
x-powered-by: Express
etag: W/"12625-pCf4vc2sNhxkwLH32qOUl+cJOb4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: XnHpxLJSF_Hd_uAQWXzzZ5oBMnF77zSkQbrRtR-cVd3m19y7yuIRnA==

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 72 KB
13 KB 22ms
21ms XHR
application/json 108.138.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=6cf7b067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-76.fra56.r.cloudfront.net

Software

Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6e8e85812f0ef89585c8b3a3fa876e6b8d396b10d24ba28c0df7bdb985589089

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:09:59 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
age: 37
x-powered-by: Express
etag: W/"11f14-9eBqZzGgYDjlnXGeP6femqhfYgQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: 8pMHV6nfmchBEa_QjyIBhujR14qIeEk-MLpOyZGJWOM0tTFfW2QPmg==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame BDB2 55 KB
24 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 23:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 23:25:38 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame BDB2 408 KB
163 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd6c59c43d25ea7d61764d099e8c795d2c84cdd5f0fe84ba63acdb55f7f230fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167301
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 10:10:18 GMT

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 114ms
114ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

492ea6b1b1f22538cb6afb7dc773c156d4e72e6ddbe00ca361da5977d8ddf7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: p9jeCDUHF8L2l7pFb5KaU1vcengtYTktjJLp1b6PVyCDf-MKi3yjPA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/ 11 KB
4 KB 96ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414773084462?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 22:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 22:36:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
0 120ms
57ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYI-6A6P2Ms216gjqBRTXoL_r5NHZd5fY-Ec9nC1gbF8ktKume9Q_gj7X3E7WN2-uQ-coWafRJx6lwx6aVFd6CmQ0aSPr_Y6_QLnfLC2KNrC3SVCtBMG09GRGgFdGq7NeGKTsNhDJwj_3o&sai=AMfl-YTxMENwQhPjHUWwkAH_nWRkXqrqd8RpUt0F916INQq-2bJSOs0sdlyCPHaYTZVfyNNTGKbLVHONH36oxqw&sig=Cg0ArKJSzNRt7rCwKcdrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20230329.57026&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414773084462?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Apr 2023 22:10:36 GMT

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 12 KB
5 KB 22ms
22ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49bd5cc239085142e293f889016f2329dfc5e6b96c4974468341c4af12bf343d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: r8_H_zLfiMhOtQWtSjzwpWquZIIU6FLk
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 20:33:25 GMT
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 14537
x-amz-server-side-encryption: AES256
etag: W/"388ec145ed98f88ff80931dd624227af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ZpHwbPvPyUCXsMkLNV14KU2QF9ItSJBhMoCBFo_gThFTlRCaP_YT0g==

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
33 B 79ms
78ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 158 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 7 KB
4 KB 119ms
119ms XHR
application/json 18.66.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-98.fra56.r.cloudfront.net

Software

- /

Resource Hash

1ac17b78f1087e8ff9654c573188654956f33a45a3a2b19e6fd371bb50946446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2729
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 5JuxiCVVbsQ4fmysZ4aNz_ci_UUqJUh818qwA-hH_h1rALwQXuxkdg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 RC5e3aa078185a404a90c26089a206fc93-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 1 KB
1 KB 21ms
21ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC5e3aa078185a404a90c26089a206fc93-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a42dac047c13d30244074e7c1caf24f3c12a5af603c8e15b79b1bb84236dcb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: .4Yvmpfz70Zvjm_9fz2VkVVdj4NQ4h1c
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 20:33:25 GMT
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 9113
x-amz-server-side-encryption: AES256
etag: W/"8b2988d9bb6bf2bea1f082246dee7f4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: HCOgG5lqEJwRCPRIjdff2mSZjv0ZElonJuB3u5RWTx7liR9oSSiAKw==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame BDB2 40 KB
24 KB 88ms
88ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94221a65787d5a2b9f338694275ac372145a63950d91e29ca0b9ddbce1850496

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24803
x-xss-protection: 1; mode=block
expires: Sun, 02 Apr 2023 22:10:36 GMT

POST
H2 200 events Show response
pixel.thestar.com/ 0
117 B 344ms
106ms XHR
text/plain 2600:1f18:1430:9001:ab67:a243:7f3:713c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.thestar.com/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.100&r=stable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1430:9001:ab67:a243:7f3:713c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thestar.com
date: Sun, 02 Apr 2023 22:10:37 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 68ms
25ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1680473436725&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680473436721.1538805450&eid=ob3_plugin-set_351154e0784ec0d32f2d832aa656629efd432f2b7479e0c307786ad85fb4ba92&it=1680473435492&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Apr 2023 22:10:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 RC0dc25b20a90b4585b160e266222619c3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 971 B
1 KB 21ms
20ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC0dc25b20a90b4585b160e266222619c3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64eb1841c385edc0225cb4f85b2ea001cc69cccee156dea5d99a28cfacfe9be9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: PG3q4ltG9CLYTkmsyqFRZYnW5S3z3NZH
date: Sun, 02 Apr 2023 20:33:25 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 54326
x-amz-server-side-encryption: AES256
etag: "3a609f16f21e010b73bb99d7afd35275"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 971
x-amz-cf-id: WJSW7yC92iew2imb9vRd_pPQqh1l--2mQprvptKEPSg78kkkhYDC5Q==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 89ms
27ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230042-FRA

GET
H2 200 RCd768af7a41d447a48ddbb694e078eba8-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 3 KB
1 KB 25ms
24ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCd768af7a41d447a48ddbb694e078eba8-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 563ef2ed3f9d0f46ac612d268d96164a269cc6e6689d85afbf5d647c4b026334

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: UDWoRKN0DR9codDiv3pPI7zLqUIhITnV
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 20:33:27 GMT
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 9112
x-amz-server-side-encryption: AES256
etag: W/"9f7b4240eb4c7c5ce0e6a49f6ddf31ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: WAtzVy7Tg3s7_rOE0Rq53t519WfcEIcQUkji0DkinRNGR0IJ1kHb6g==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 56ms
51ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2815ff1c0a514d51debec4dd31108daff6423c984e78a07d82eb8e2b63a6f5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69358
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Apr 2023 22:10:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 49ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2603a4d360fec6dd6cca4af47a9d5d2b6eba4b8b8e22ea67cc6fa8254563a347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69307
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Apr 2023 22:10:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 100ms
95ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b56154565c1712b271e61ffcdcf173b1168629512e5c331e2b3e6785ed963aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45175
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Apr 2023 22:10:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 33ms
29ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db7abf70710cf48cba0f432b42dc3425c3086bc9f8e1edbe9b30f112b66c5aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45194
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Apr 2023 22:10:36 GMT

GET
H2 200 RCdd630314d8a144ce818cf865b37c1fd3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 1 KB
1 KB 24ms
22ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCdd630314d8a144ce818cf865b37c1fd3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4457f5c4f0c738541cd408ef71b7f9bbd1a19f56387c28b6eb2b6743f87789a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: Ky3TEyqpY.O8trY7SVoN1_hNR7sDRJMs
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 20:33:31 GMT
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 5826
x-amz-server-side-encryption: AES256
etag: W/"e87288f8ba284ca04fc81e6dc994fe62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: doTyAsGuejxkao2ngt-YwyaR62ccRApA7iMNCVL8rrPRE8K3MlU0Eg==

GET
H3 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame BDB2 11 KB
11 KB 38ms
23ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 187524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame BDB2 600 B
624 B 38ms
23ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 187524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame BDB2 530 B
554 B 52ms
35ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 187524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame BDB2 665 B
689 B 52ms
35ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 187524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BDB2 15 KB
15 KB 45ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 473971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BDB2 15 KB
15 KB 46ms
26ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:32:23 GMT
x-content-type-options: nosniff
age: 473893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:32:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BDB2 15 KB
15 KB 47ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 473974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:02 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame BDB2 40 KB
40 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AKH6MRH8zd6QyYrJQar89MojI3v7Fyd-lab4ijNmbgr9zc7VRfc3s1fRRGK-GNlHOcpXkKOHFcM53n43H2gT1pnuJgV4WE8IqMeOjRPBjyclrZ0s_5SUwDLTgiUbuFP32QBN7PkymdAr7nVnxJN2uQa4Fp0MTtzL63oXbMLMjtrB8eWdbt5iYNUoFUPc0E-litj_kJa2FI_3lNm0xgXtsfT3dqe0FLU_eA&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

560e24df907bb41d893598a7bb8635ec6aaf81c474c711a5d048cbc812ee0ce5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40536
x-xss-protection: 1; mode=block
expires: Sun, 02 Apr 2023 22:10:36 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
750 B 159ms
22ms Script
application/javascript 2a02:26f0:6c00:1a0::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1a0::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "6fe18a21f263bd65310c79df7a66e9b2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 484

GET
H2 200 RC336079137ceb479aab0ece6eedbf95e1-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 1020 B
975 B 21ms
21ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC336079137ceb479aab0ece6eedbf95e1-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1604a5ba0f2f61ff17add24c3796fbf2275d0d70d66dd0ec001a79218f5a3099

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: mYsBHdas7knV5eiWNyPYqbzIyAYaCmT2
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 21:13:35 GMT
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 3422
x-amz-server-side-encryption: AES256
etag: W/"d419ee4e79426c4b54d9f35731de136d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: paRzqAnEjff4cR-orKmY-tvtXX8GqZROaTU_u2jjuRxPY0HF-Dv21g==

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 176ms
125ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=e70d61b7-307a-4237-84b0-1eeff44808f4&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3465e36a-99c1-4e19-abb0-4f7d2096b101&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 02 Apr 2023 22:10:36 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f943924eeef6cc2f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e8e2318409a8927101239d259c4264bc3e637fbbb76c25dfb2e5692f35d1e782
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 233ms
125ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=e70d61b7-307a-4237-84b0-1eeff44808f4&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3465e36a-99c1-4e19-abb0-4f7d2096b101&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 02 Apr 2023 22:10:36 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5a2bb21df38627af
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c9d777236b741e497202335f3dfe248601cb1d67b7e3018a166c98bf99ee4ed3
content-length: 43

GET
H2

200

activityi;dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame 6FBD
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fw...

411 B
572 B

80ms
77ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

2c50e78be37bb0b16176d33a37c788e33826177374f0698d958027c450b23de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:37 GMT
expires: Sun, 02 Apr 2023 22:10:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 3 KB
2 KB 215ms
111ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1680473437013&cv=11&fst=1680473437013&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&hn=www.googleadservices.com&frm=0&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&auid=1481716506.1680473437&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4473281ce0dac0de1f6e9f6b22c605597d48ef9418b813865e7d242d3ef3a36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 123ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 02 Apr 2023 22:10:36 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 53947FBB43E84998A17BA8BA3BE962F6 Ref B: DUS30EDGE0908 Ref C: 2023-04-02T22:10:37Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 RCe057394b62624c84884a89981136d531-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 1 KB
985 B 21ms
20ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCe057394b62624c84884a89981136d531-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 978ddf3ddbf0fe3fb2aa857326a2dc7a202193a10b95b1d011328f162ab6e598

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: pjCbQNU4Me5OsN5cQKDlRLKW0kR4w2KA
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 20:33:30 GMT
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 9112
x-amz-server-side-encryption: AES256
etag: W/"44303d9e781fec41b89c567e24665cdc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: cihcEz4XujZjx3zPJVUFaDhN4v0zLUFF0QxV4hlUkTK3lcZg27VlVw==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 96ms
24ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=44465
accept-ranges: bytes
content-length: 4777

GET
H2 200 RCf39ced5c22854dc7bd6e804a34d45663-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 1 KB
1 KB 21ms
20ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCf39ced5c22854dc7bd6e804a34d45663-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f38fdbb3a0b25f3fbd984e544b8f1cd33252c19757a23dad98582bd498e220d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: UydGf7R4Q3L6r9k7YBFhPjdZ_6jYK7Jo
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 20:33:31 GMT
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 5827
x-amz-server-side-encryption: AES256
etag: W/"c62d873d09adddd63bcfbe2f0d92c99b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: XKACr8k-5V20q5so5x8LO2sFHO7cA6xHKQvQtZ9o4yA6rjaMR7HbdA==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 96ms
16ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 RCcebeff8c827742329aac568372637b0b-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 1 KB
976 B 27ms
27ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCcebeff8c827742329aac568372637b0b-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbaf07acd0356b90bb8d0ca983d2d2d19f7a3426e5b89c8cdcd9c9d28193fca8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: k0_8KJrQTfzXk43OO6HWBeMSiY8u24Mu
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 20:33:31 GMT
last-modified: Fri, 31 Mar 2023 20:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 9111
x-amz-server-side-encryption: AES256
etag: W/"1e409dfea5bd5fe54adddcee492963ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: XaRDsLGFX-ew4dGT0Z0hxYXBKCpRV_KBGrG1Z9Qx5HA86Ifte-usbw==

GET
H2 200 main.da2a1c8f.js Show response
s.pinimg.com/ct/lib/ 57 KB
17 KB 25ms
22ms Script
application/javascript 2a02:26f0:6c00:1a0::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1a0::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "b3fc8cf847afb7d5cf4f05e5407d05a3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17556

GET
H2 200 RC0ce5bb995d064dccbfa9bf274646021d-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 2 KB
1022 B 25ms
17ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC0ce5bb995d064dccbfa9bf274646021d-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f13c139d48dadf2a0c42bc0d21525dcc27989bb3a4181b1d4d972e54c8a20b63

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: iXdDxUZOOpHfWMuD0bbkwf1WYQK4Qd8D
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Sun, 02 Apr 2023 20:33:31 GMT
last-modified: Fri, 31 Mar 2023 20:32:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 76186
x-amz-server-side-encryption: AES256
etag: W/"1bbfa6d8368446042e876147696e6735"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: n3Yo20UkyZUlLk6utJfBGU0LdAoFanwbBOIZ7kH8SOVYbfP7sd494A==

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
756 B 117ms
38ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612846434758&cb=1680473437162&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pin-unauth: dWlkPU5qQTJOVFk0TmprdE5XVTFNaTAwWVRVeUxXRTVZekV0TVdRME5tUmxOalJrTUdRdw
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Sun, 02 Apr 2023 22:10:37 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-pinterest-rid: 5305487319212792
content-length: 375
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
93 B 105ms
39ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1680473437173
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:37 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 9126681595448822
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/ 36 B
373 B 118ms
22ms XHR
application/json 2600:9000:20eb:c000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:09:05 GMT
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 92
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: lVkZ2b_WFXo3oOMF7KnjCnenCATrwJaHhDxi59QZGit0ndkHuKeMxQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1680473437193&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1680473437193%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1680473437193&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1680473437193&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKlt5IxBtgm9gAAAYdEBbYI9PgR05QxCnu-hJYgL9TO...

0
266 B

234ms
181ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1680473437193&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKlt5IxBtgm9gAAAYdEBbYI9PgR05QxCnu-hJYgL9TOJuOCRsIBTEdMaMZPMvGwNEbTmNyUnQt9ozdW9Yk
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0F70088DD7FC49548E6CB12C3F239A69 Ref B: AMS04EDGE1217 Ref C: 2023-04-02T22:10:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4YbZSgG3xfX1jOdR3TA==

Redirect headers

date: Sun, 02 Apr 2023 22:10:37 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 72EC9DB6632C402E9B1E60A4865EA980 Ref B: AMS04EDGE1117 Ref C: 2023-04-02T22:10:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1680473437193&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKlt5IxBtgm9gAAAYdEBbYI9PgR05QxCnu-hJYgL9TOJuOCRsIBTEdMaMZPMvGwNEbTmNyUnQt9ozdW9Yk
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4YbZO8wpMUITgMEzv8g==

GET
H2 204 13008914.js Show response
bat.bing.com/p/action/ 0
118 B 113ms
113ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 02 Apr 2023 22:10:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 34EBCA6C478543A892C801503D07BD73 Ref B: DUS30EDGE0908 Ref C: 2023-04-02T22:10:37Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 43ms
42ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=d21bba48-c19f-4947-9e22-2b9c595c75a7&sid=324c7640d1a311ed9c984d62e5d197ab&vid=324c8080d1a311edafb9ed923698aa0c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Toronto%20Star%20-%20Breaking%20News,%20Toronto%20News,%20Ontario%20News,%20Canada%20News&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=3516&evt=pageLoad&sv=1&rn=758548

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 02 Apr 2023 22:10:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DBD6AEAF9BA649019CF2815BED75E647 Ref B: DUS30EDGE0908 Ref C: 2023-04-02T22:10:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 432ms
388ms Image
image/gif 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1680473437220&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e264902d-157e-4c97-9c5f-94a50f4b5e9c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame CE41 0
72 B 24ms
21ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.thestar.com
Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:37 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 36ms
35ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1680473437013&cv=11&fst=1680472800000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=0&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=988294558&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/698108511/ 42 B
154 B 35ms
34ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/698108511/?random=1680473437013&cv=11&fst=1680472800000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=0&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=988294558&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
adservice.google.com/ddm/fls/z/ Frame 6FBD 42 B
401 B 107ms
57ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CNSHmrKbjP4CFXDAOwIdAhIAXA;src=10230056;type=ret01;cat=land01;ord=6733153137497;gtm=45fe33t0;auiddc=1481716506.1680473437;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 9D36 565 B
403 B 38ms
38ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 02 Apr 2023 22:10:37 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 4563618592459609

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 154ms
63ms XHR
text/javascript 52.222.247.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=QNA9z0zDXPnZg&cb=0&ws=1600x1200&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-9%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-10%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-11%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-12%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.247.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-247-205.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: ZE081QZZDGNETC0BK7C6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: zajL9m7mELDyvWRnQEBKUnjRYicDJUDUtEG6_myzCjTDbG3jtj-P3w==

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 120ms
29ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 29ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

POST
H2 200 s96094779690985 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LDQM/ 43 B
329 B 29ms
29ms XHR
image/gif 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LDQM/s96094779690985

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 03 Apr 2023 22:10:37 GMT
server: jag
etag: 3608789226920378368-4619377984050423366
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sat, 01 Apr 2023 22:10:37 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
10 KB 294ms
294ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016736509891281&correlator=2576289092412546&eid=31072019%2C31072879%2C31073289%2C31072997&output=ldjh&gdfp_req=1&vrg=202303270101&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=1x1%2C728x90%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C300x250%7C300x600%2C134x170%2C134x170%2C134x170%2C134x170&ifi=1&adks=2173569469%2C1887631228%2C1330620275%2C3893840796%2C3893840797%2C3893840798%2C3893840799%2C1330620276%2C2480448003%2C4090677273%2C4090677272%2C4090677279&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dundefined%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dtrue%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D300x600%26hb_pb_ozone%3D0.08%26hb_adid_ozone%3D3933ea3e0aedaa-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D3933ea3e0aedaa-0-oz-0%26hb_bidder%3Dozone%26oz_size%3D300x600%26oz_adId%3D3933ea3e0aedaa-0-oz-0%26oz_pb_r%3D0.07%26oz_pb%3D0.07%26oz_pb_v%3D2.7.0-torstar-ix-cad-fix%26oz_imp_id%3D3933ea3e0aedaa%26oz_bid%3Dtrue%26oz_winner%3Drubicon%26oz_auc_id%3D846369cf-bb2d-4bf2-9e96-9fa149253e60%26oz_rubicon_pb_r%3D0.07%26oz_rubicon_adId%3D3933ea3e0aedaa-0-oz-0%26oz_rubicon_adv%3Dpensandpatron.com%26oz_rubicon_crid%3D2249%253A633924419514%26oz_rubicon%3Drubicon%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_entertain%252Cgv_death_injury%252Cts_pl_nws_lctns_cnd_ntnl%252Cgt_negative%252Cgs_politics%252Cgv_crime%252Cgs_auto%252Cgs_politics_misc%252Cts_bz_ndstry_gnrl%252Cts_pl_nws_lctns_cnd_prvncl%252Cts_bz_cnmy_gnrl%252Cgt_negative_anger%252Cts_sprts_ctvty_bsktbll%252Cts_tch_cmptng_ntrst_gnrl%252Cts_grcry_rtlr_typ_grcry_str%252Cgs_entertain_movies%26tkspo%3D10%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub%26prmtvsdk%3Dweb&ppid=41585824449261794674025791074806440877&sc=1&cookie_enabled=1&abxe=1&dt=1680473437730&lmt=1680473437&dlt=1680473433339&idt=1401&adxs=0%2C436%2C1059%2C436%2C436%2C436%2C436%2C245%2C244%2C528%2C812%2C1096&adys=0%2C0%2C987%2C3399%2C4983%2C6715%2C8095%2C2361%2C3567%2C3567%2C3567%2C3567&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&psz=1600x0%7C1600x-1%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C260x0%7C260x0%7C260x0%7C260x0&msz=1x-1%7C1600x-1%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C260x0%7C260x0%7C260x0%7C260x0&fws=0%2C512%2C512%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=978834447.1680473435&ga_sid=1680473438&ga_hid=2089364244&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff3688e860c33cccd0bac6d89cb2c571ed9f78aed7afa9ff4a296c38665a80c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10689
x-xss-protection: 0
google-lineitem-id: -2,-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 116ms
70ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a1300b34d3eed29e9beba850447417dfa3c8861094065a5222582b5f73d07bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11229
x-xss-protection: 0

GET
H2 200 container.html Show response
63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D67 6 KB
3 KB 186ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:37 GMT
expires: Mon, 01 Apr 2024 22:10:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 149ms
46ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 22:10:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D29 13 KB
5 KB 28ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 39045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 11:19:53 GMT
expires: Mon, 01 Apr 2024 11:19:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3700 783 B
535 B 33ms
31ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af87df62f211ecee4b0b11916cc0faa8161d1f74eb50ef447e0c780dc6aedccc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o5SsHkOM-cwN8w3RDcb2ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-o5SsHkOM-cwN8w3RDcb2ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:38 GMT
expires: Sun, 02 Apr 2023 22:10:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA2E 6 KB
3 KB 32ms
31ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:37 GMT
expires: Mon, 01 Apr 2024 22:10:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3700 0
0 58ms
58ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303270101&jk=3016736509891281&rc=05AJrWKeWIxa0LCrkPNlej0IGDqpqas7s5183PMBRUlwUHKvLSXFIANG0FzCO-tweD4qB6JcRS1vcjjCMjxXTDoHuB0n-nCgmXUcrgmvMyJLKCJ5g06kE7HGSAq7FYN_PN4k1FmfhT5GzYtv6oBJ-YmTFl29RzRtyGEQS5QRx_U93LiSwEnoPvAw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D29 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 07:52:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 07:52:24 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA2E 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3MqdXf0pZPW6MvGL7_UPz422gAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakC56MY7Ykvsj7gAgCoAwGqBKICT9BCFg2fKoadi_2mGePQRrNbZwcDTDwuzfU41aYH7Brp-yOMp062g03GmjQrZ1f-m3VzcYyO8Qo9fu4F6KkFnzW81HStwtYmdMRJv8caH2_Y_RvV_utbJonwXVfqA6k1j5p4cb1BmLrVX7xyL0-cCG7ALMluNYmuF3ZnEifBbAVDn7iuMSg2t8fvN3GpsKbuHPDBkRTNuJApmCSyqvkzjNqlNoDFIJHM3B4oZNqHKpZhg97qvPk4771hTQG9GH-uL3sKA4LLoFqIaWfz5rwfDYFReRpEFHmWxxOH5kUafJ8G-vOl50HIQQg1vAHCR0tsd0W6TsRxa3wvdjQeKvUqmOBRn60Aiz4pEHAh2GusblBPylBZzj6Bq7RHMjsoaSPLnRTgBAGABv7gi67Yl-yrCqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=B_c1NhCNeLE&uach_m=[UACH]&cid=CAQSTQDUE5ymq2E9g0zdBaXugoUgptN_-GH-Aeiz-dPgyCU8HZGo5El0yH-djIlhJGCvDgJiM63JocdHHg-tdHfOTx3C-ZV2uws_IdSYlEWJGAE
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame DA2E 0
0 90ms
25ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k9f2EZmlBKwC2ASdg2ICAgAAACJKZIV_0s-Szv-shSCbaOUQXf0pZJJl0EYted39Zk0AABIAAAoKQVFVRER3RUJEdw&wp=ZCn9XQAMnXUIu8XxAA2GzzZAyt-b5Bcz4YAZMQ

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 123401
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 25EA 234 KB
59 KB 184ms
85ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCn9XQAMnXUIu8XxAA2GzzZAyt-b5Bcz4YAZMQ&u=%7CwLpuj1K698j0MfSa%2FYgCDvRO8b%2Bz66rUnJjfs42k0Aw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPY5gX1M2xsaUF6cPamj4xuFGEjE3lNdxVCvLnZ06gfA36JB3WUBt-FONX0kpZetYHg9aGIk9hfwAPrsDzVdSsHd-xdtnnZ4WCUsumJoOJXaOSXC46v9TVGYVxz_A4VV3DWnr2dhiSfB3f0lXBNBmiFeo01uNV4iaXMZ5X3a4tM3wlkbYpwD1N1bQTF0JEfh5C2w7onAPE2Rx7A9AlAwtcDkX3TmFVWkp45J2w_qZW2jQ-z8dI8Ypuk36Pd9MFk5GGuI0K3_BrclBhoMXFj1B8SOd8YKf1AfLoHkdMPMa21lBitN2rc_3VFUquOWtppFP9VF5dMcjzhwhS6Hucp8PGyHfq4s1e2GcyYMg5xOWt1H7snybDR3hudqM-5H1kIh8B0DJHZlXnExSNTYAyCX5ZaAD8qrfArZ0ej8K0nOnY1na5D_jtTAWnrNVZRleJiE2VH0QvmTvbqR37YIGpMQZpMpahk1TxN8eEgQZtZBzOiXudUu6rp79AWLzhIuaxou-sgRYVNGieF6_0G9rTiz-jT-et60OhSaahLT6W8sVqolRTxSKn_0V6dO5Z5NKo9S45oVGu6l1kDTDd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQYY0Xf0pZPW6MvGL7_UPz422gAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakC56MY7Ykvsj7gAgCoAwGqBKUCT9BCFg2fKoadi_2mGePQRrNbZwcDTDwuzfU41aYH7Brp-yOMp062g03GmjQrZ1f-m3VzcYyO8Qo9fu4F6KkFnzW81HStwtYmdMRJv8caH2_Y_RvV_utbJonwXVfqA6k1j5p4cb1BmLrVX7xyL0-cCG7ALMluNYmuF3ZnEifBbAVDn7iuMSg2t8fvN3GpsKbuHPDBkRTNuJApmCSyqvkzjNqlNoDFIJHM3B4oZNqHKpZhg97qvPk4771hTQG9GH-uL3sKA4LLoFqIaWfz5rwfDYFReRpEFHmWxxOH5kUafJ8G-vOl50HIQQg1vAHCR0tsd0W6TsRxa3wvdjQeaPcLCmfeA76_FyqKwE2HIGK4ZOZF5Ejbeva8DUb4LBcw7IlPjquu_pvgBAGABv7gi67Yl-yrCqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Vta2G-7BHU-tLWKtOdB-XvgKxUQ%26client%3Dca-pub-8188431425509997%26adurl%3D

Requested by

Host: 63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
URL: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

304e995ff61c0f7c8568554caaf07844b97af3e6dfab4f90326e83d688bba62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:38 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9ibhrsq70V6VhaMAuhO46banGhNBa7fUKtDZ1d2MV9E9wsbGJywZq5Crld2NpXyuJwHSTcoYzukBbei9T6wx4fkVCMiBgfVk4Ky-VMGkvRemj9W39y5WZwX_c66SdHBuyXeFxdfpf7C00XT9PuL0Wn6VvRY7Ddz3W6g-dpdwgP7a6AS0Sf4fwRSUlLZ_9JHHolzvPhMWkclQXQXNVpuISA2fD-XYFzDfHBZ31cHm2JfYmictM-6rR_R0IWexkYRiUGJ2Tw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 63905488
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame DA2E 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: 63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
URL: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 08:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:53:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame DA2E 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
URL: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 22:31:02 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DA2E 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
URL: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 09:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Mar 2024 09:36:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA2E 158 KB
49 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
URL: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 22:10:38 GMT

GET
DATA 200
OK truncated
/ Frame DA2E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c51bff01f0501c6ccfee48252aac8f1acc6e53e1c77d9e0377a5e5cf28a10ea2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D29 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oIrNqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 25EA 2 KB
1 KB 63ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCn9XQAMnXUIu8XxAA2GzzZAyt-b5Bcz4YAZMQ&u=%7CwLpuj1K698j0MfSa%2FYgCDvRO8b%2Bz66rUnJjfs42k0Aw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPY5gX1M2xsaUF6cPamj4xuFGEjE3lNdxVCvLnZ06gfA36JB3WUBt-FONX0kpZetYHg9aGIk9hfwAPrsDzVdSsHd-xdtnnZ4WCUsumJoOJXaOSXC46v9TVGYVxz_A4VV3DWnr2dhiSfB3f0lXBNBmiFeo01uNV4iaXMZ5X3a4tM3wlkbYpwD1N1bQTF0JEfh5C2w7onAPE2Rx7A9AlAwtcDkX3TmFVWkp45J2w_qZW2jQ-z8dI8Ypuk36Pd9MFk5GGuI0K3_BrclBhoMXFj1B8SOd8YKf1AfLoHkdMPMa21lBitN2rc_3VFUquOWtppFP9VF5dMcjzhwhS6Hucp8PGyHfq4s1e2GcyYMg5xOWt1H7snybDR3hudqM-5H1kIh8B0DJHZlXnExSNTYAyCX5ZaAD8qrfArZ0ej8K0nOnY1na5D_jtTAWnrNVZRleJiE2VH0QvmTvbqR37YIGpMQZpMpahk1TxN8eEgQZtZBzOiXudUu6rp79AWLzhIuaxou-sgRYVNGieF6_0G9rTiz-jT-et60OhSaahLT6W8sVqolRTxSKn_0V6dO5Z5NKo9S45oVGu6l1kDTDd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQYY0Xf0pZPW6MvGL7_UPz422gAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N8gBCakC56MY7Ykvsj7gAgCoAwGqBKUCT9BCFg2fKoadi_2mGePQRrNbZwcDTDwuzfU41aYH7Brp-yOMp062g03GmjQrZ1f-m3VzcYyO8Qo9fu4F6KkFnzW81HStwtYmdMRJv8caH2_Y_RvV_utbJonwXVfqA6k1j5p4cb1BmLrVX7xyL0-cCG7ALMluNYmuF3ZnEifBbAVDn7iuMSg2t8fvN3GpsKbuHPDBkRTNuJApmCSyqvkzjNqlNoDFIJHM3B4oZNqHKpZhg97qvPk4771hTQG9GH-uL3sKA4LLoFqIaWfz5rwfDYFReRpEFHmWxxOH5kUafJ8G-vOl50HIQQg1vAHCR0tsd0W6TsRxa3wvdjQeaPcLCmfeA76_FyqKwE2HIGK4ZOZF5Ejbeva8DUb4LBcw7IlPjquu_pvgBAGABv7gi67Yl-yrCqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Vta2G-7BHU-tLWKtOdB-XvgKxUQ%26client%3Dca-pub-8188431425509997%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 25EA 2 KB
1 KB 63ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 25EA 308 B
636 B 61ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 25EA 293 B
621 B 61ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 25EA 43 B
348 B 62ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=b2vsAI154MYJnEYTCkimcXRKlCHOCX6rNBhAoWCaKTArfkm6HE8AjozenjPjOh4eOu2D9CutPwwIVgYHShA9w22kurBgQolZiCiXb_kCOS47PAuRvYUFCpm9LH-PzfxRJ7f1cTmkGGkTQIdMEIZ6s106i01lwA90dsOczKH7llp7AzHNkyJQl5zVAn27hyFzqEDZJd8GjmNnVsu0j7zAxTHTg8jaJ-J4rDgr2nkoksqQG-gmhGsyR7ssWy7kVqcVkGRIFNEHyiUIJGe7wn9Pz12sjJFI5H6zL5zItCj0E-OZRYbrG8dAvJ6I7t7_7fHfg7J9GfyE_AbcB_0tE0nw763pJKAMbxnpHguvtBPadrE2Evu2KzAK1Mi2BiVp3-UUB_HeMsqtV-d_CLdbugrUc0SnAMepv-Ydjxz6iz2mGWaJjq7c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1812021
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 25EA 12 KB
5 KB 57ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1773601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65aA3gV3dadN1T0Hdt7YFzP0XfHR0i%2FmNw6XVcWmIiAtVzEvCLRZBYXcnlW0wbHHNIE%2FuHzpQ4NNBn2p4VEAvzEX3EQh%2F%2FaCbqXAxMJoV%2FI5Gyd42lbLnKiLKOReuSfd2P6l44CFirAW6IdG72EU9y%2Fa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b1c672e4f020dfb-AMS
expires: Fri, 22 Mar 2024 22:10:38 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 25EA 12 KB
6 KB 53ms
27ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 2fff07bfb1494bb386bd3887cc50a5c1_hermes_maia_t4_bold-webfont.woff
static.criteo.net/design/dt/ Frame 25EA 39 KB
40 KB 108ms
65ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/2fff07bfb1494bb386bd3887cc50a5c1_hermes_maia_t4_bold-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

6f44c69457e65c3fc082304cc2ff005d6386c3d652201bcd49b067204bd9b515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 30 Dec 2022 13:50:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"63aeecad-9de8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 a19e2e81998243c399f101fa463a1d8c_hermes-maia-t4-bold.woff
static.criteo.net/design/dt/ Frame 25EA 38 KB
38 KB 83ms
41ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/a19e2e81998243c399f101fa463a1d8c_hermes-maia-t4-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

43d568ecd3b26f05a839c869119066d3f671cbc707d002e4816bcc0d0803bfae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 30 Dec 2022 13:48:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"63aeec41-97b0"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 14 KB
14 KB 90ms
31ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=104&m=0&partner=5887&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F5887%2F230124%2F72d96141bb524d8f836193890751d5ae_logo_n_horizontal_15.png&v=3&w=596&s=C-l4MBBCp60l0mY1wFalhsJO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ea2236572ddb73cc9551a48e02761c8e48d1651b4e6e77f67bd46ba3e99ea780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 14439
expires: Sat, 09 Mar 2024 10:00:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 24 KB
24 KB 84ms
26ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FMallorca_01_1200.jpg&v=3&w=800&s=IX9YjNFjUlig7RzIteUfWX61&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

55e25ffd90cb5fb1d73bc4f8e95267981f06137d0f7cebe3fe49b58b5908f8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 24598
expires: Tue, 12 Mar 2024 06:51:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 43 KB
43 KB 99ms
41ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FAlgarve_01.jpg&v=3&w=800&s=4VnqQNbTLTj1h7RtLG53coJp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9e3d4c77f7cbb9767f079d68a925c5d0ba4225543e85eec3c313f9605533ed6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 43940
expires: Tue, 12 Mar 2024 06:52:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 54 KB
55 KB 113ms
55ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FCosta-Brava_01.jpg&v=3&w=800&s=oB2r3f0rP4WTHYK7TLu1whkQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

70f65087cf917e4407a3ea588051f11c75dc8a8ee569fe6f44127de2b962248a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 55764
expires: Tue, 12 Mar 2024 06:52:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 35 KB
35 KB 112ms
54ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FTenerife_01_1200.jpg&v=3&w=800&s=CSfqL2fxY4ONzvYWI8oyk_Ot&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ac6ac600055155d9508f5c91344f4d38fd154c021695f8c7e94ad1e2fbe93bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 35670
expires: Tue, 12 Mar 2024 07:05:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 19 KB
19 KB 109ms
51ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FRome_01.jpg&v=3&w=800&s=2RGw4_RQX3GD5ZyE2bFV-cZs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f7328a504bb54fed75618a15681f0d6723ea228932f7013ceb6b6dfefe5d60ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 19680
expires: Tue, 12 Mar 2024 06:51:06 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 35 KB
35 KB 55ms
55ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FMalta_01.jpg&v=3&w=800&s=bSBq57ckkXnz8lyMkAM-uEBX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ffb33cb84b80fdbfcee5dcb1f179890741dfe54d830cf9eea42be0a1e59b35ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 35688
expires: Tue, 12 Mar 2024 07:32:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 19 KB
19 KB 51ms
51ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FFuerteventura_01_1200.jpg&v=3&w=800&s=nTpq2ZSqJQ4nxxFgrkdZzDXd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

803da1bb4847686a77ebf4d0d603c1eaa0557a412488f3ea32a8205724fa6416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 19526
expires: Tue, 12 Mar 2024 06:52:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 58 KB
58 KB 66ms
65ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FCorfu_01.jpg&v=3&w=800&s=wi_YLWZj50m1uHjsCopox1j2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a3c58ad667efe3777a58169e026d87930a362ee19b7854d630d131dd118c2896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 59254
expires: Tue, 12 Mar 2024 06:51:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 39 KB
39 KB 62ms
62ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FSide_01_1200.jpg&v=3&w=800&s=HCuaXufWX1HuC3GzANt6DB5v&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8a6a93ea3efdcf82eb1099512101ba3d432a39c97c5d6de89979d21529b19455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 40162
expires: Tue, 12 Mar 2024 07:30:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 29 KB
30 KB 65ms
65ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FPuglia_01.jpg&v=3&w=800&s=4h8UDQ5f-Llrs87u0bcoHpM7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

01a83658541314d728f01a4458e2d71cba25ea0103cb708a47e1f834947db881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 30100
expires: Tue, 12 Mar 2024 07:31:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 33 KB
33 KB 60ms
59ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FLara_01.jpg&v=3&w=800&s=Di3HL-dxVj5Eyp0DCUsgBm6N&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e0664707c4737994a0722cfe05f74c03771c98dbf0cd5f1362c1d811506a969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 33780
expires: Tue, 12 Mar 2024 06:51:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 25EA 32 KB
32 KB 63ms
63ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fcdn.prijsvrij.nl%2FUpload%2FDocumenten%2FCriteo%2Fbestemmingen_images%2FIbiza_01_1200.jpg&v=3&w=800&s=v6LsBu72fSwgl_DA6B5G-T9A&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f29df0be8af772a692c5aefb5732ea9c7e0ed34c0070b7d0cb057ce21dd0c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 32842
expires: Tue, 12 Mar 2024 07:57:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 25EA 0
128 B 65ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=9ibhrsq70V6VhaMAuhO46banGhNBa7fUKtDZ1d2MV9E9wsbGJywZq5Crld2NpXyuJwHSTcoYzukBbei9T6wx4fkVCMiBgfVk4Ky-VMGkvRemj9W39y5WZwX_c66SdHBuyXeFxdfpf7C00XT9PuL0Wn6VvRY7Ddz3W6g-dpdwgP7a6AS0Sf4fwRSUlLZ_9JHHolzvPhMWkclQXQXNVpuISA2fD-XYFzDfHBZ31cHm2JfYmictM-6rR_R0IWexkYRiUGJ2Tw&sds=2&rev=85392.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 25EA 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame CBA6 12 KB
4 KB 71ms
70ms Document
text/html 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3927666530e6096dcc9e840690f741c1e92c5479d06a1445ee15b7e9abd051

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b1c672eb8c19174-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Apr 2023 22:10:38 GMT
expires: 0
last-modified: Thu, 30 Mar 2023 08:21:21 GMT
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 25EA 2 KB
899 B 22ms
21ms Stylesheet
text/css 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 25EA 16 KB
17 KB 26ms
26ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 22:10:38 GMT

GET
H2 200 vb26e4fa9e5134444860be286fd8771851679335129114 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame CBA6 16 KB
6 KB 80ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer: https://elb.the-ozone-project.com/
Origin: https://elb.the-ozone-project.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
server: cloudflare
etag: W/2023.3.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b1c672f88d41c82-AMS

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame CBA6 4 KB
1 KB 66ms
66ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7e327d0b4fe67049d5f904f0d09be5c33c7342de5115eef5d814208f0f1d7e

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b1c672f69b29174-FRA
expires: 0

GET
H/1.1 451
Unavailable For Legal Reasons PrebidServer
crb.kargo.com/api/v1/dsync/ Frame CBA6 0
462 B 97ms
20ms Image
text/plain 3.75.26.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.26.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-26-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Apr 2023 22:10:38 GMT
X-Accel-Expires: 0
Vary: Origin
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame CBA6 0
239 B 146ms
23ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303270101&jk=3016736509891281&bg=!09Cl0ITNAAbEgrg45II7ADkAdvg8WtP5GNZDvgSGUWptYawth0ARaBBuR92SFo4Hf3o-vdCYgxPs-KUCZEQepUa_k24ORl_zA0oCAAAAelIAAAAOaAEHmQKT62Sdsu-sFE2oAm7mQ2Z8FsVkWcx1BKIx5xYpgi-5-Ii0bLjNGRqLc21WZJsvbm7E5-iCdEb2lPTc_zW5WITZzYuDD6ZW4b9HfaGLV_R8ywGn7UvgIa_fnw3yqw0ITkQNaPUO39NJT0MxqW5sSmfDslQpx4TCFkZg3ilHr5uV4agBTpNgBkW39PIBwFbVw5KqI4fVp0bh7zwW4nVa57wHKlBfo60-LGjA3h_iKkHTIZG1lQWfmgL95pyyP0eZ1FesFDhLpOe52ai67Y0_eyxX-lTvoWU6YGtcHyPKy6OizVr-yDB5J8mwd7_EzWaEEsNwJIIDVaE2rNF-r5kpsyL9j87LWLg4HVA44eBR7285SoBBXVQsyvEnjjuuvk3c85cHBigdtgiNzQb28p9I5I0-pDn6ishjTtEu_qhyNuH0dE_JvrToMIvApjy2M-QNkhazwQ-xJLSZRJLo0U6M1ewFb05dbmw2QDlaZchEAcuEO_7DgR_ZHl_0wy7a32wbcjNOaC3fwVtSgAlFib9SHkZggqPgLYGTLaE-EVzUXza0pcfq4_ls5MiuuwAzAJrMo3eApVhA-jfpjGwZwQ3Mj_qnTYw9N9KXjiMSa1wImZL8W-Kq0V8ZtDaeo30ne1lyZ14qdoA72sFp4QWItRa4GodgYfrnOK40EHvNQMpglUrnIgxvxhorUPJWe77zy6p3K47C65bbMGcp3IN7qPatlCkYZCj1-fQOj4HRuRihfGreaCLr5S9_abD_M_xvsNq9dxF0UROUXTfJly_pFKue_4p-NSFgwYmUCt5P0GLD1Uf14CA42DM269yEHzgd5TqslKv_WCkTguY5hMZNf84FO7MSKvoPlw_m19e6MotmpsAbaQWBXOo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=013bdc42-e008-463c-8ead-943c4940b392

0
318 B

68ms
68ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=013bdc42-e008-463c-8ead-943c4940b392
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c67322d549174-FRA
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=013bdc42-e008-463c-8ead-943c4940b392
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 0hm0p47h14tkk93b0lnp6umcpfk6mm4u

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=67dd5b74-4ee9-4fa6-9aad-385373f551e0

0
434 B

64ms
63ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=67dd5b74-4ee9-4fa6-9aad-385373f551e0
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c67341f7e9174-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=67dd5b74-4ee9-4fa6-9aad-385373f551e0
access-control-allow-origin: *
date: Sun, 02 Apr 2023 22:10:39 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAHzXk7IU_sAACFD2RagfA

0
544 B

64ms
63ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAHzXk7IU_sAACFD2RagfA
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c6735a9909174-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAHzXk7IU_sAACFD2RagfA
Date: Sun, 02 Apr 2023 22:10:39 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7589882093566038755

0
653 B

63ms
62ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7589882093566038755
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c6736eb3f9174-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7589882093566038755
date: Sun, 02 Apr 2023 22:10:39 GMT
content-length: 0

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 27ms
25ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 02 Apr 2023 22:10:39 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 24ms
24ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Apr 2023 22:10:39 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=ae684a93-6218-48bf-a8f4-b53a4d47722b

0
885 B

61ms
61ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=ae684a93-6218-48bf-a8f4-b53a4d47722b
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c67380c9a9174-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=ae684a93-6218-48bf-a8f4-b53a4d47722b
date: Sun, 02 Apr 2023 22:10:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET 101995
dmx.districtm.io/s/v1/img/s/ Frame CBA6 0
0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2304783842742512099570

0
891 B

68ms
67ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2304783842742512099570
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c67391dba9174-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2304783842742512099570
date: Sun, 02 Apr 2023 22:10:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame CBA6 0
355 B 85ms
20ms Image
text/plain 3.127.130.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.130.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-130-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:40 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CBA6 70 B
265 B 100ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Apr 2023 22:10:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=16a7f416-5f37-4396-9526-21ca54bc55de

0
1021 B

62ms
62ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=16a7f416-5f37-4396-9526-21ca54bc55de
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c673be8b79174-FRA
content-length: 0
expires: 0

Redirect headers

Location: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=16a7f416-5f37-4396-9526-21ca54bc55de
Date: Sun, 02 Apr 2023 22:10:40 GMT
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
Content-Length: 151
Content-Type: text/html; charset=utf-8

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 05E3 16 KB
6 KB 89ms
21ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=43280
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 02 Apr 2023 22:10:40 GMT
expires: Mon, 03 Apr 2023 10:12:00 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 05E3 2 KB
3 KB 75ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44323880&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 302421a48307d0c45ead4d30610bb9a0acfc0d7aa3fb21b3d4665b9ae51ab383

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 02 Apr 2023 22:10:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 95B0
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6577079151584028122

42 B
274 B

31ms
24ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6577079151584028122
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 02 Apr 2023 22:10:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6577079151584028122
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9C5B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7dd66429-fd61-4900-8c14-a2c31626a806&gdpr=0&gdpr_consent=

42 B
554 B

75ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7dd66429-fd61-4900-8c14-a2c31626a806&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 02 Apr 2023 22:10:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 02 Apr 2023 22:10:41 GMT
Expires: Sun, 02 Apr 2023 22:10:40 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 711 dd187f8 master zrh-pixel-x3 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7dd66429-fd61-4900-8c14-a2c31626a806&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 0D7D 43 B
363 B 96ms
24ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 22:10:40 GMT
expires: Sun, 02 Apr 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 351493
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6B49
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs

42 B
414 B

82ms
20ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 02 Apr 2023 22:10:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 02 Apr 2023 22:10:41 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame F20A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

196ms
195ms

Document
image/gif

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 02 Apr 2023 22:10:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 7V918K8C62C37BH6RA9M

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 02 Apr 2023 22:10:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: J48FYDPSG03MS070VZMZ

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DD5L-P3HTfO-lJYc_zL_6g%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

22ms
22ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:41 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=43279
accept-ranges: bytes
content-length: 5554
expires: Mon, 03 Apr 2023 10:12:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 05E3 49 B
265 B 113ms
31ms Image
image/gif 34.248.100.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.100.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-100-85.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.99
content-length: 49
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame 05E3
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2045594517

0
68 B

22ms
21ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2045594517
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:40 GMT
via: 1.1 google
last-modified: Sun, 02 Apr 2023 22:10:41 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:40 GMT
via: 1.1 google
last-modified: Sun, 02 Apr 2023 22:10:40 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2045594517
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200

p
a.audrte.com/ Frame 05E3
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTI0d0RqeENjcVhRZUtzNTkxejItb1dGUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=7995486750970528975&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

102ms
101ms

Image
image/png

54.236.117.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: HTTP/1.1
Server: 54.236.117.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-117-9.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 22:10:41 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 02 Apr 2023 22:10:41 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 05E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEMzRTRCRjgtRkRDNy00REYzLUJFOTQtOTYxQ0ZGMzJGRkVB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

59ms
17ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 02 Apr 2023 22:10:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 05E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENRIYVAGDjKV93A82UzZZKk&google_cver=1

42 B
302 B

35ms
22ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENRIYVAGDjKV93A82UzZZKk&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 02 Apr 2023 22:10:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENRIYVAGDjKV93A82UzZZKk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 05E3 43 B
610 B 73ms
18ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 01 Apr 2023 22:10:40 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 05E3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7995486750970528975

42 B
298 B

33ms
17ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7995486750970528975
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 02 Apr 2023 22:10:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7995486750970528975
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 05E3 70 B
264 B 34ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Apr 2023 22:10:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8092106870159333018

0
1 KB

65ms
64ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8092106870159333018
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c6743592d9174-FRA
content-length: 0
expires: 0

Redirect headers

Date: Sun, 02 Apr 2023 22:10:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.17.184.1; 185.17.184.1; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6c50b04f-57f3-4cce-8e2f-70f90202d39a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8092106870159333018
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-FGyyDlZE2uF0d1Ne0yUVKjwMCf6FBeZ7zD1grk0-~A&gdpr=0

0
1 KB

62ms
61ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-FGyyDlZE2uF0d1Ne0yUVKjwMCf6FBeZ7zD1grk0-~A&gdpr=0
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c67448a779174-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-FGyyDlZE2uF0d1Ne0yUVKjwMCf6FBeZ7zD1grk0-~A&gdpr=0
date: Sun, 02 Apr 2023 22:10:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7995486750970528975

0
1 KB

62ms
61ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7995486750970528975
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c6745cc1c9174-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7995486750970528975
date: Sun, 02 Apr 2023 22:10:42 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame CBA6 0
277 B 219ms
15ms Image
text/plain 216.52.2.39

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 02 Apr 2023 22:10:42 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame CBA6
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=1...
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZCn9YqFh4PoqfEa8oxEPuAAA%263315

0
2 KB

67ms
67ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZCn9YqFh4PoqfEa8oxEPuAAA%263315
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 22:10:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7b1c6748aee29174-FRA
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 02 Apr 2023 22:10:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZCn9YqFh4PoqfEa8oxEPuAAA%263315
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

POST
H2 204 rum Show response
elb.the-ozone-project.com/cdn-cgi/ Frame CBA6 0
212 B 23ms
23ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elb.the-ozone-project.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fb8f6aea-265e-4514-b834-b680a1fa27f7&publisherId=TKN100000001&siteId=4204204311&cb=1680473435436&bidder=ozone
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Sun, 02 Apr 2023 22:10:42 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://elb.the-ozone-project.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7b1c67491fb59174-FRA

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 05E3 0
260 B 82ms
14ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:10:42 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

111 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
z737.thestar.com/DG/DEFAULT	1970-01-20 20:23:53	Name: BCSessionID Value: 9cd8d860-f947-4f6f-b341-5be953c13fd4
torstar.blueconic.net/DG/DEFAULT	1970-01-20 19:33:29	Name: BCSessionID Value: 9cd8d860-f947-4f6f-b341-5be953c13fd4
www.google.com/recaptcha	1970-01-20 15:07:05	Name: _GRECAPTCHA Value: 09AJrWKeWY-ndBD_pPslxbFXAOUd3PAarsdTV8wML5DILK0YAPDwvxaT4UK5piY6glbuegb7xZYu2rnNqus9-DFn4
user.omidrezaei.click/	1970-01-20 19:34:55	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 19:33:29	Name: last_visit_bc Value: 1680473433580
.thestar.com/	1970-01-20 19:33:29	Name: bc_tstgrp Value: 4
.thestar.com/	1970-01-20 19:34:55	Name: _vwo_uuid_v2 Value: D1D721CCCB341C13571318074B67654C7\|48dc2651c01ac7473055baf5b57f3a3b
.thestar.com/	1970-01-20 15:11:24	Name: permutive-id Value: a2528282-ce5a-4c6f-9a26-a41cf0a00126
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 12:58:55	Name: pxid Value: 06e011e1-5b79-4ee4-9070-4aabcf32faba
.demdex.net/	1970-01-20 15:07:05	Name: demdex Value: 41599954897915910414022698319737780647
www.thestar.com/	1970-01-20 11:31:05	Name: AccessToken Value: idv2lfzyhseu6kc4aynwjkf7cxg5elb9vb
.scorecardresearch.com/	1970-01-20 20:23:53	Name: UID Value: 17982e5cd0fef4615fd1fb61680473434
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 3b10e5c0-a5fc-442d-930c-20ae067d4152
.thestar.com/	1970-01-20 19:33:29	Name: _ig Value: e0e2e504-3ef1-448c-b2f1-8985e76b1783
.thestar.com/	1970-01-20 10:49:19	Name: _gid Value: GA1.2.1286074072.1680473435
.thestar.com/	1970-01-20 10:47:53	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 20:23:53	Name: s_ecid Value: MCMID%7C41585824449261794674025791074806440877
.thestar.com/	1970-01-20 10:47:53	Name: _gat_UA-73335503-3 Value: 1
.thestar.com/	1970-01-20 20:23:53	Name: local_ga_B4CQN4KW3R Value: GS1.1.1680473434.1.0.1680473434.60.0.0
.thestar.com/	1970-01-20 20:23:53	Name: local_ga Value: GA1.1.978834447.1680473435
.everesttech.net/	1970-01-20 19:33:29	Name: everest_g_v2 Value: g_surferid~ZCn9WgAAAFExugMx
.thestar.com/	1970-01-20 20:23:53	Name: _ga_6FZFMVVWVN Value: GS1.1.1680473434.1.0.1680473434.60.0.0
.thestar.com/	1970-01-20 10:47:55	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1680473434729%2C%22slts%22:0}
.dpm.demdex.net/	1970-01-20 15:07:05	Name: dpm Value: 41599954897915910414022698319737780647
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1680473434800
www.thestar.com/	1970-01-20 11:31:05	Name: _pbjs_userid_consent_data Value: 3524755945110770
.thestar.com/	1970-01-20 20:23:53	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19450%7CMCMID%7C41585824449261794674025791074806440877%7CMCAAMLH-1681078234%7C6%7CMCAAMB-1681078234%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1680480634s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19457%7CvVersion%7C5.5.0
.www.thestar.com/	1970-01-20 20:23:53	Name: ts_s_ecid Value: MCMID%7C41585824449261794674025791074806440877
.thestar.com/	1970-01-20 20:23:53	Name: _ga Value: GA1.2.978834447.1680473435
.thestar.com/	1970-01-20 10:47:53	Name: _gat_sirwidgets_0 Value: 1
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 9cd8d860-f947-4f6f-b341-5be953c13fd4
.the-ozone-project.com/	1970-01-20 10:47:55	Name: __cf_bm Value: VsEod1zaGOCDIV0dkYht5qqDY5NTo2iXwhysZVpA.d4-1680473435-0-AWcsqNc9vHh4xHIDKs8x9XJhQw3HE+laSQ5n21M0Udk9/fAj2RIb3WYzXI0h9pYQoNyJHZGhb5+ISZeAoIrcr7w=
torstar.blueconic.net/	1970-01-20 10:57:58	Name: AWSALBCORS Value: u2fwy2jxgjaV3KSrUUgi2D5RegflJFg4NzgFnVrX/SDSC+kpY6ZW4JNvuPfc5XMW7DYPFqG/bwGOK/6IBuJbFpJdILdKFnZgkuiMqAyetVeMhjA27L/L8MimO65M
www.thestar.com/	1970-01-20 19:33:29	Name: selectedPersonalizedCategories Value: []
www.thestar.com/	1970-01-20 19:33:29	Name: personalizedListModeEnabled Value: true
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 20:17:17	Name: _parsely_visitor Value: {%22id%22:%22pid=6bc4a2b7221a19a8b0a3834ec60cafe1%22%2C%22session_count%22:1%2C%22last_session_ts%22:1680473434729}
www.thestar.com/	1970-01-20 19:33:29	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
.thestar.com/	1970-01-20 12:57:29	Name: _fbp Value: fb.1.1680473436721.1538805450
z737.thestar.com/	1970-01-20 10:57:58	Name: AWSALB Value: t1FfSg4DHZPqy06yrtizImkAwFocyLiRNYVib8+UrpDCZ1SfHzjPXnT0PcJpoR1tpMm/jJ+qUsViLhE1X/hYuubh7i8PpspkF349HdqH3kXuWt4hGmR9jVm0ROZ0
z737.thestar.com/	1970-01-20 10:57:58	Name: AWSALBCORS Value: t1FfSg4DHZPqy06yrtizImkAwFocyLiRNYVib8+UrpDCZ1SfHzjPXnT0PcJpoR1tpMm/jJ+qUsViLhE1X/hYuubh7i8PpspkF349HdqH3kXuWt4hGmR9jVm0ROZ0
.thestar.com/	1970-01-20 12:57:29	Name: _gcl_au Value: 1.1.1481716506.1680473437
.t.co/	1970-01-20 20:23:53	Name: muc_ads Value: bbfc87d0-b8d6-403b-a5f3-aae64b7c4520
.twitter.com/	1970-01-20 20:23:53	Name: guest_id_marketing Value: v1%3A168047343711814017
.twitter.com/	1970-01-20 20:23:53	Name: guest_id_ads Value: v1%3A168047343711814017
.twitter.com/	1970-01-20 20:23:53	Name: personalization_id Value: "v1_oN1wu3VoCNjfAPdanZ46fg=="
.twitter.com/	1970-01-20 20:23:53	Name: guest_id Value: v1%3A168047343711814017
.thestar.com/	1970-01-20 10:49:19	Name: _uetsid Value: 324c7640d1a311ed9c984d62e5d197ab
.thestar.com/	1970-01-20 20:09:29	Name: _uetvid Value: 324c8080d1a311edafb9ed923698aa0c
.thestar.com/	1970-01-20 12:57:29	Name: _rdt_uuid Value: 1680473437219.e264902d-157e-4c97-9c5f-94a50f4b5e9c
.bing.com/	1970-01-20 20:09:29	Name: MUID Value: 386B32440262600C02E420A303C8615B
.doubleclick.net/	1970-01-20 20:09:29	Name: IDE Value: AHWqTUldm5M2_YObRhuXGr8q6oMFUX4FN3RDtGNgSgG9t5oaiTGyN8gAvz103Yh1EA8
.thestar.com/	1970-01-20 19:33:29	Name: _pin_unauth Value: dWlkPU5qQTJOVFk0TmprdE5XVTFNaTAwWVRVeUxXRTVZekV0TVdRME5tUmxOalJrTUdRdw
www.thestar.com/	1970-01-20 10:49:19	Name: ln_or Value: eyIzMTE2ODY4IjoiZCJ9
.linkedin.com/	1970-01-20 11:31:05	Name: UserMatchHistory Value: AQKP7Wz02QlFzwAAAYdEBbSW8BpKtH8c6MFaS1lQjnddXoutS0N32dKdcS6z2qM0202cU1ST0uSq-g
.linkedin.com/	1970-01-20 11:31:05	Name: AnalyticsSyncHistory Value: AQL86Ma0u4RyNAAAAYdEBbSWp-QJy3r8btTxksFUu3UmyteylCfbmxLOibrw5rC1mVyujFl9fAbBRSfO4iSWzg
.linkedin.com/	1970-01-20 19:33:29	Name: bcookie Value: "v=2&19cb893e-6c6b-47ef-8d1d-8d6ed98fea0c"
.linkedin.com/	1970-01-20 10:49:19	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2627:u=1:x=1:i=1680473437:t=1680559837:v=2:sig=AQEllazgj4L4RU_GdaohGqcdra8pA0E0"
.www.linkedin.com/	1970-01-20 19:33:29	Name: bscookie Value: "v=1&2023040222103723712072-7d15-4d08-83c2-4d5824f60f3fAQFZpx2ZOtP3qJoxyFEtrAuPgoFZNUBe"
.linkedin.com/	1970-01-20 15:07:05	Name: li_gc Value: MTswOzE2ODA0NzM0Mzc7MjswMjHUet03klG2YsuBG0tBOc1OSge0WxCfPdbuPcbzTsnJXQ==
.thestar.com/	1970-01-20 11:31:05	Name: s_nr Value: 1680473437716-New
.thestar.com/	1970-01-20 19:33:29	Name: s_nr2 Value: 1680473437717-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thestar.com/	1970-01-20 20:09:29	Name: __gads Value: ID=6d7a17ce192d6a38:T=1680473437:S=ALNI_MZZU9Mf3pDHkk6djjogJLQFZejfRg
.thestar.com/	1970-01-20 20:09:29	Name: __gpi Value: UID=00000bd063a6cddf:T=1680473437:RT=1680473437:S=ALNI_Mbg7jauVTlGhIazo3_x9Pmrq2nzgg
.the-ozone-project.com/	1970-01-20 12:57:29	Name: ozone_uid Value: 2NtBL6OQ7Mi5Xkzlo8kgB0e0MV4
.kargo.com/	1970-01-20 19:33:29	Name: ktcid Value: 837f729b-5007-068b-5a61-ce29663360bd
.openx.net/	1970-01-20 19:33:29	Name: i Value: eb496cd4-f010-4a22-bff7-9cc1ac3c42e2\|1680473439
.360yield.com/	1970-01-20 12:57:29	Name: tuuid Value: 67dd5b74-4ee9-4fa6-9aad-385373f551e0
.360yield.com/	1970-01-20 12:57:29	Name: tuuid_lu Value: 1680473439
.bidr.io/	1970-01-20 20:16:27	Name: bito Value: AAHzXk7IU_sAACFD2RagfA
.bidr.io/	1970-01-20 20:16:27	Name: bitoIsSecure Value: ok
.smartadserver.com/	1970-01-20 20:18:07	Name: pid Value: 7589882093566038755
.bidswitch.net/	1970-01-20 19:33:29	Name: tuuid Value: ae684a93-6218-48bf-a8f4-b53a4d47722b
.bidswitch.net/	1970-01-20 19:33:29	Name: c Value: 1680473439
.bidswitch.net/	1970-01-20 19:33:29	Name: tuuid_lu Value: 1680473439
.3lift.com/	1970-01-20 12:57:29	Name: tluid Value: 2304783842742512099570
match.sharethrough.com/	1970-01-20 10:57:58	Name: AWSALBCORS Value: 0bp101FKapxVl6kvbaqivxsfG7e3jJVt+SZNSN1aYXO/c5LMG04R9U6aKeEbl97idBpCV0yf9aHixDIYqweiagAoYWkdqRHSDQcoWgDnoMadfvR/zBk5nbmJzee6
ads.avct.cloud/	1970-01-20 19:33:29	Name: uuid Value: 16a7f416-5f37-4396-9526-21ca54bc55de
.ads.pubmatic.com/	1970-01-20 10:49:19	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 19:33:29	Name: KADUSERCOOKIE Value: 0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA
.pubmatic.com/	1970-01-20 12:57:29	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 10:49:19	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 12:57:29	Name: DPSync3 Value: 1681603200%3A201_245_241_235
.pubmatic.com/	1970-01-20 12:57:29	Name: SyncRTB3 Value: 1681689600%3A35%7C1681603200%3A161_56_220_21_54_8_251_13_7
.weborama.fr/	1970-01-20 20:13:48	Name: AFFICHE_W Value: ChUpOJ3q8dIK48
.simpli.fi/	1970-01-20 19:34:55	Name: suid Value: DD414A2E70B442F1993CFC5D2693BD81
.mathtag.com/	1970-01-20 20:13:48	Name: uuid Value: 7dd66429-fd61-4900-8c14-a2c31626a806
.quantserve.com/	1970-01-20 12:57:29	Name: d Value: ELwBCwHUKPijAA
.quantserve.com/	1970-01-20 20:18:07	Name: mc Value: 6429fd61-00fca-0d7b4-14fbc
.adform.net/	1970-01-20 11:31:05	Name: C Value: 1
.de17a.com/	1970-01-20 19:26:17	Name: guid Value: 1.6577079151584028122
.adform.net/	1970-01-20 12:14:17	Name: uid Value: 7995486750970528975
.pubmatic.com/	1970-01-20 12:57:29	Name: KRTBCOOKIE_27 Value: 16735-uid:7dd66429-fd61-4900-8c14-a2c31626a806&KRTB&16736-uid:7dd66429-fd61-4900-8c14-a2c31626a806&KRTB&23019-uid:7dd66429-fd61-4900-8c14-a2c31626a806&KRTB&23114-uid:7dd66429-fd61-4900-8c14-a2c31626a806
.pubmatic.com/	1970-01-20 11:31:05	Name: KRTBCOOKIE_391 Value: 22924-7995486750970528975&KRTB&23263-7995486750970528975
.pubmatic.com/	1970-01-20 12:57:29	Name: KRTBCOOKIE_153 Value: 1923-BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs&KRTB&19420-BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs&KRTB&22979-BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs&KRTB&23462-BbPWKFXj0iAet9R3UObJIVewhiUettB3UeS0HpTs
.pubmatic.com/	1970-01-20 12:57:29	Name: KRTBCOOKIE_80 Value: 16514-CAESENRIYVAGDjKV93A82UzZZKk&KRTB&22987-CAESENRIYVAGDjKV93A82UzZZKk&KRTB&23025-CAESENRIYVAGDjKV93A82UzZZKk&KRTB&23386-CAESENRIYVAGDjKV93A82UzZZKk
.pubmatic.com/	1970-01-20 11:31:05	Name: KRTBCOOKIE_336 Value: 5844-6577079151584028122
.pubmatic.com/	1970-01-20 11:31:05	Name: PugT Value: 1680473439
.amazon-adsystem.com/	1970-01-20 17:22:27	Name: ad-id Value: A_4sEBIjb0Jxs1ok_bW4aKc
.amazon-adsystem.com/	1970-01-20 20:23:53	Name: ad-privacy Value: 0
.audrte.com/	1970-01-20 11:09:29	Name: arcki2 Value: i24wDjxCcqXQeKs591z2-oWFQ!20220908!1680473441293!ip#185.17.184.1
.audrte.com/	1970-01-20 11:09:29	Name: arcki2_pubmatic Value: 0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA!20220908!1680473441297
.audrte.com/	1970-01-20 11:09:29	Name: arcki2_ddp2 Value: i24wDjxCcqXQeKs591z2-oWFQ!20220908!1680473441440
.audrte.com/	1970-01-20 11:09:29	Name: arcki2_adform Value: 7995486750970528975!20220908!1680473441597
.adnxs.com/	1970-01-20 12:57:29	Name: uuid2 Value: 8092106870159333018
.yahoo.com/	1970-01-20 19:33:51	Name: A3 Value: d=AQABBGH9KWQCEO2oa5L4TGmRX-3de2BZoNgFEgEBAQFOK2QzZAAAAAAA_eMAAA&S=AQAAAlitxL5HO-0O2MtzYTJgNdI
.analytics.yahoo.com/	1970-01-20 19:33:29	Name: IDSYNC Value: 19bl~2ava
.the-ozone-project.com/	1970-01-20 12:57:29	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNzk5NTQ4Njc1MDk3MDUyODk3NSIsImV4cGlyZXMiOiIyMDIzLTA0LTE2VDIyOjEwOjQyLjIzNDA4MTQ4M1oiLCJzb3VyY2UiOiJjb29raWUifSwiYWRueHMiOnsidWlkIjoiODA5MjEwNjg3MDE1OTMzMzAxOCIsImV4cGlyZXMiOiIyMDIzLTA0LTE2VDIyOjEwOjQxLjgzODg1NjIzMloiLCJzb3VyY2UiOiJjb29raWUifSwiYXZvY2V0Ijp7InVpZCI6IjE2YTdmNDE2LTVmMzctNDM5Ni05NTI2LTIxY2E1NGJjNTVkZSIsImV4cGlyZXMiOiIyMDIzLTA0LTE2VDIyOjEwOjQwLjY1NjA2MDMwNVoiLCJzb3VyY2UiOiJjb29raWUifSwiYmVlc3dheCI6eyJ1aWQiOiJBQUh6WGs3SVVfc0FBQ0ZEMlJhZ2ZBIiwiZXhwaXJlcyI6IjIwMjMtMDQtMTZUMjI6MTA6MzkuNjUxMDQxODY0WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJncmlkIjp7InVpZCI6ImFlNjg0YTkzLTYyMTgtNDhiZi1hOGY0LWI1M2E0ZDQ3NzIyYiIsImV4cGlyZXMiOiIyMDIzLTA0LTE2VDIyOjEwOjQwLjAyOTg0NTU2OFoiLCJzb3VyY2UiOiJjb29raWUifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiNjdkZDViNzQtNGVlOS00ZmE2LTlhYWQtMzg1MzczZjU1MWUwIiwiZXhwaXJlcyI6IjIwMjMtMDQtMTZUMjI6MTA6MzkuNDA2NzE5NzI1WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJvcGVueCI6eyJ1aWQiOiIwMTNiZGM0Mi1lMDA4LTQ2M2MtOGVhZC05NDNjNDk0MGIzOTIiLCJleHBpcmVzIjoiMjAyMy0wNC0xNlQyMjoxMDozOS4wOTcxMDkwMDFaIiwic291cmNlIjoiY29va2llIn0sInNtYXJ0Ijp7InVpZCI6Ijc1ODk4ODIwOTM1NjYwMzg3NTUiLCJleHBpcmVzIjoiMjAyMy0wNC0xNlQyMjoxMDozOS44NDkyMTg0MzRaIiwic291cmNlIjoiY29va2llIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMjMwNDc4Mzg0Mjc0MjUxMjA5OTU3MCIsImV4cGlyZXMiOiIyMDIzLTA0LTE2VDIyOjEwOjQwLjIwNjIyNjk1MVoiLCJzb3VyY2UiOiJjb29raWUifSwieWFob29zc3AiOnsidWlkIjoieS1GR3l5RGxaRTJ1RjBkMU5lMHlVVktqd01DZjZGQmVaN3pEMWdyazAtfkEiLCJleHBpcmVzIjoiMjAyMy0wNC0xNlQyMjoxMDo0Mi4wMzU5MzA0MzRaIiwic291cmNlIjoiY29va2llIn19LCJiZGF5IjoiMjAyMy0wNC0wMlQyMjoxMDozOS4wOTcxMDY1NzZaIn0=

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9904612167097244, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9904612167097244, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414773084462? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414773084462?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID Message: Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
network	error	URL: https://dmx.districtm.io/s/v1/img/s/101995 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C3E4BF8-FDC7-4DF3-BE94-961CFF32FFEA&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
63df3734ba741ee9e0664c98a381da44.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.nl
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.btloader.com
api.permutive.com
api.thestar.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
btloader.com
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.petametrics.com
cdnjs.cloudflare.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
crb.kargo.com
csm.eu.criteo.net
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmp.adform.net
dmx.districtm.io
dpm.demdex.net
eb2.3lift.com
elb.the-ozone-project.com
engagefront.theweathernetwork.com
events.kumulos.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.thestar.com
img.sportradar.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
news.google.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.thestar.com
play.google.com
prebid.the-ozone-project.com
px.ads.linkedin.com
px4.ads.linkedin.com
query.petametrics.com
region1.analytics.google.com
resources.thestar.com
rtb.fr3.eu.criteo.com
rtb.openx.net
s.pinimg.com
s.thestar.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.app.delivery
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
t.co
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
user.omidrezaei.click
uswidgets.fn.sportradar.com
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
z737.thestar.com
dmx.districtm.io
104.18.43.178
104.244.42.131
104.244.42.69
108.138.1.25
108.138.17.76
13.107.42.14
13.225.78.98
13.32.118.30
13.32.121.37
13.32.121.9
130.211.23.194
142.250.185.162
142.250.186.66
142.250.186.70
143.47.187.31
146.75.116.157
15.197.193.217
15.236.117.205
151.101.64.84
151.139.128.10
172.217.18.6
178.250.0.163
178.250.1.6
18.184.93.146
18.66.100.58
18.66.112.98
18.66.97.65
185.29.132.241
185.64.189.110
185.80.39.216
185.86.139.103
185.89.210.122
198.47.127.19
198.47.127.20
2001:4860:4802:34::36
213.155.156.182
216.52.2.39
23.35.236.201
23.35.237.151
2600:1f18:1430:9001:ab67:a243:7f3:713c
2600:9000:20eb:c000:2:53b2:240:93a1
2600:9000:2240:5a00:16:970:b940:93a1
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::681a:890
2606:4700::6810:3965
2606:4700::6810:7aaf
2606:4700::6811:180e
2606:4700::6812:af
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638::3
2a02:2638:d::c
2a02:26f0:3500:16::215:148d
2a02:26f0:6c00:1a0::1931
2a02:26f0:6c00::210:bb39
2a02:26f0:6c00::210:bb43
2a02:26f0:6c00::210:bb90
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a03:b0c0:3:f0::1bc:5000
2a04:4e42::396
3.127.130.178
3.75.26.198
3.75.62.37
34.107.254.252
34.111.129.221
34.120.23.223
34.198.148.95
34.248.100.85
34.255.162.196
34.96.102.137
35.186.253.211
35.190.14.224
35.204.74.118
35.241.9.51
37.157.3.30
37.157.6.253
51.104.28.77
52.210.163.253
52.214.13.138
52.222.247.205
52.222.250.165
52.48.226.112
52.51.127.121
52.94.223.167
54.236.117.9
54.72.144.202
63.34.81.234
69.173.144.139
76.223.111.18
79.132.128.78
0161411eb07c7eed568cee35d72579fbcd42238678effbd461afaa6d1cdbb958
01a83658541314d728f01a4458e2d71cba25ea0103cb708a47e1f834947db881
01cce77fdc05165e7d05a2769097acdbaec7aba8f7a7deeb9767b244f1383979
030129900c2f8d3dd54b0a753a69e62c682ce77f271fa712737dd9d4ade46c3d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079e1954d6a209a39d6f85006b4059af195a1b183d84ce680d334b3f2eed7f29
07a42f786905c748c8088a19b66ec5041da9bdd610cc02c087a52b59b614c621
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0aa129c7e4eba725d6793b16776615f1dd97a34893a7cd7449c2c806a0ae1849
0e79c000b9803a2cfa05dbdae228cd50e2a13489d28727c701caa006ff3a2546
0edfbbfd3d479fc2f2e7d50a909c8bd81e158769fced7ee4bd400e9984d1a16b
107e417aeb47662140399a8d294cd7dd92a47b8f1899ed9122f20535f9d17619
113bae72ef4a6654f06e31331f8e5d8c5706c8a1d8dea318d832bde7b71e5dd8
11570ed3f3f81b02caa26113e1aeb70953cafc5787ef19a12044171d8f7e137b
12b49ff2b8fd853b8cb8b8cad3b88e668e24ffa98f00d54ab15c52a8828b434e
1315e0f4d14ae783cde42871fe304710c16ff8cdea5d31ba4916a6d644cfabb8
1391055c5b722a3da6707ead294507ace2df3db7891cccb53a94441f794fd33c
14314c968e3337c554c4ff9a88d0dfd0bf7d9e54061c41b7f5622705da2931ec
153372001ed3dce07a722948d11ac1554caea26087cc4272fae1d2a7027083af
15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a
1604a5ba0f2f61ff17add24c3796fbf2275d0d70d66dd0ec001a79218f5a3099
16750417552cc5aa4b790439bd91c0186fb17074fa08d112f5f5728407fc6656
168b0707f95f0c9690d5fc1ede64f1aa68981ed479825a77e68c49dfa3c5debf
17a8fee0592f26d6129b976247368d17d08127d8088667c8f3f4f83a88cf6533
17ae5e61f3df2b8eb6d2aa28ba2ecb28a920835140a88fe0b28081b2f517a1a7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1abc023a8f82d102cd5b5397df30bedd4dc4537dd64f16d44c55580f1385cefa
1ac17b78f1087e8ff9654c573188654956f33a45a3a2b19e6fd371bb50946446
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b56154565c1712b271e61ffcdcf173b1168629512e5c331e2b3e6785ed963aa
1ba9f269afa818236f6f7ae2662aea09bf37a19989439a2b1d305f96bb0fa9db
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22700556b3465dff1eb7af5d7982bd307b1f297c6e12c767e4441e4c8936dad9
22a991c737f9f02ef489c41825ba85022cf36574369766409551038d294746c2
23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
2448306051d3626ff8800e30cda8ff1d44b30f6343e361b3a65ca67549bcdcab
24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
2603a4d360fec6dd6cca4af47a9d5d2b6eba4b8b8e22ea67cc6fa8254563a347
2680eac142f01027dba44ca81b2eedb794db7101ca15154a1c0efc35491850b6
2815ff1c0a514d51debec4dd31108daff6423c984e78a07d82eb8e2b63a6f5a3
282d282212de3d1a0a5c509b47b188e2a6bdc365daab73a3782ed6c6295c4805
2922b8e94b344cf6d86566936e5d5a369bb4f4e9a6eefd93a939e6c4c1fddf49
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b226e5d93065073bd670913a90719666f054e802a7449f347f9368c40a13d3d
2b64d7f63ad85faae72abe91b68f89018f6466a596b5d0a3d6d0dfafc36aa5e0
2b7e327d0b4fe67049d5f904f0d09be5c33c7342de5115eef5d814208f0f1d7e
2be6bdb02841741c7103902e309a4b04b9fabc531c8b129b8c20237294f742ff
2c50e78be37bb0b16176d33a37c788e33826177374f0698d958027c450b23de3
2d5d97b2a9003f4d291cfb64f59deb637fd0760ada1e38f7763b3737dc797a4e
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6
2ef7b12077350a398a681fb54d6f69e80056e7fc6ea74118f52d203abdbe132e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302421a48307d0c45ead4d30610bb9a0acfc0d7aa3fb21b3d4665b9ae51ab383
304e995ff61c0f7c8568554caaf07844b97af3e6dfab4f90326e83d688bba62d
306a5803d8d3c092d2c56e3e4351171230585330e43ce1862b80f0901e58db3b
306fcd66df6ecf9ae9b422f505b38f070f09f543d40d53a9eb7af806cbdf274a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3613c97a7264fe23dc2da0690cc97d78812a3a36a5a6e303a48d954edcfaae49
3644264a33465399ca76bee9a04de8fdd50aec96e77a27c08492b360f6922213
37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
38bbd010c578bb5b15693574bd7c0cf217369f0074437e1d341d2a09484989f3
38ed670052bdc57208ac3e5a08184ea706ae43fdf42f5570a76a697d6f6de175
39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177
3db3fdae0e2be13c8acc57ed679246d27616e65d48bc7f2b050b21076a13c452
3ddd69266ba709b1708253bdb638025f0fb930b4a1051fa40f51144da133a64a
3dddc83b0983fb7ba5f019e1afe0b461692519ff62f3c25f2302c49a4b7b984d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9
3f0f37c821ef83f7d39e96f91ce3fca63b304a164705b79c87e6315ad230fecd
4080d7a38d2c475a355471d435ecc82ae15f160da9540447f43679ccce312508
4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a
43d568ecd3b26f05a839c869119066d3f671cbc707d002e4816bcc0d0803bfae
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4457f5c4f0c738541cd408ef71b7f9bbd1a19f56387c28b6eb2b6743f87789a0
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
4473281ce0dac0de1f6e9f6b22c605597d48ef9418b813865e7d242d3ef3a36d
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44fd0f8ecc0ad918588c29ceed15858e82f153e8f156faf229a668da461cd42b
459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94
461e00aa6587befefa9872b01e056554f6d10b6ac5cd486cd651149fe5d9b9d3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
492ea6b1b1f22538cb6afb7dc773c156d4e72e6ddbe00ca361da5977d8ddf7f5
499fd1c626a52d546f96ff61cdad02d4d42522bfa64e853806636070287ef3b6
49bd5cc239085142e293f889016f2329dfc5e6b96c4974468341c4af12bf343d
4a1f561fcc177aaf568e657cc285de519db46656d8cdd8d569261fd9b89719bf
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4b4755891f4348259eb539dc24de8619237f19734d0e34f8ffe73ae3d4a8e93c
4ce6d6fd0629c86caa1f4aad713dd1de02aae611ed11a448b4f8eb5083b5f246
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee06340e9e460449a2f5e893c524035ec7263ce1171181e7361a27ffd8faaa0
4f29df0be8af772a692c5aefb5732ea9c7e0ed34c0070b7d0cb057ce21dd0c4d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5019e40a161c71cbf4fc8b1fc0a1809456b3cfc7fc93eadaf7b374cdb0cb9c60
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50f3a013f02732e7f4db20ee54b8ba9a912eb8311d0b2f67852dfb42bc7eec7c
5255c0381c1190b70036c085b7c19d2cda7196619be90d334c9e5eb323ed0036
52c6b724460d1cc1eef6b6b43f27f26d9f17f392ca2148e0df83f05f3cbc9970
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55e25ffd90cb5fb1d73bc4f8e95267981f06137d0f7cebe3fe49b58b5908f8df
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
560e24df907bb41d893598a7bb8635ec6aaf81c474c711a5d048cbc812ee0ce5
563ef2ed3f9d0f46ac612d268d96164a269cc6e6689d85afbf5d647c4b026334
588a9a07b331ee9c0799fb916839b56e7a8da252cab3290b657a4c2858817f5b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59d65c96754b27f10b96cac8d482fa74a8e7a0b15661537acbd7d4e91da4127d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d1e9e112e4c8e32f2a73938919c2b27641fab77266e2b0d7b4f3f19dad2708c
5e0664707c4737994a0722cfe05f74c03771c98dbf0cd5f1362c1d811506a969
5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4
5ed4ad29cdc26075c1ee1f1725a614341bdefdc3d7c4f46584a30a30fbae932c
5f38fdbb3a0b25f3fbd984e544b8f1cd33252c19757a23dad98582bd498e220d
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af
62520e2cfc3b6a866ece5333da7262406cf84c60eb22fac968fd431e7322bda7
625cde91947d1cf86d031ed678b8942f45d7bcc7440f40abdb09f84d97038b57
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
62f777700ad7770a0736f98883f9836854f9cdbeb41fc2af810f42f63d32be1f
646cef873dec3647bf86ff6b201d6bf51eb8e69b16ae46164d018ea61c9dd89a
64dc4e78f543d8c984247ec25d330249ba4270fe33c2cb95ea79a56b9ee94fdf
64eb1841c385edc0225cb4f85b2ea001cc69cccee156dea5d99a28cfacfe9be9
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0
66ecab2d4b8110174f23e1fe92e91557649666276a67dbb14c12b4f141d55ad4
66f40f85eb7ccd6cb46884f2edca8b7bf2ed15dc79a7b57358d0a4b9ae6b3e63
6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9
6752ce06cd83cdff158e559b7694c23ed2e76d168745bfa19c8880d8b4ed1ad7
678b8d521a3fdf0520fe91f03d02964b7d343cc9d2bd058bf5eb4efb3ecac029
67e65d7c0da8f299eb5cce90c068377b4f4d988d4fd52f88a19f12bfc6ea866c
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6d5de546ffed976fe94294fdb2a9b2857cc269c075286ac7b3d15ca6de335ca8
6d8c6c8a5fe5ee2d3e08dda4414955d1946bfaeeec2c89685090e460faa7124f
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6e8e85812f0ef89585c8b3a3fa876e6b8d396b10d24ba28c0df7bdb985589089
6f44c69457e65c3fc082304cc2ff005d6386c3d652201bcd49b067204bd9b515
6f8f56a9c5d675cf42cfe6fb885c1c16058c3281059b1335cee14baa4ab491df
70383e4fdc8faf079a78f6ce018b11b368aaae873674fd036adf1ebcb80bbeb6
70f65087cf917e4407a3ea588051f11c75dc8a8ee569fe6f44127de2b962248a
71eb3c4c4c77f1592680534b5ecee01acab75bebe24c941dbd448a7506df8058
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b760a716cb02fb4904c85240ec864c239cc2b3bc7b0c9be3f50d070033758d
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
7378bb30948ea6502b92a7dcf64fa47052f3e1157f0b5ab48a5c8a047fc03de4
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749a035f8cb91fb9b0bb07afd08659d854427ad0693b927061e77e7070968baa
77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980
77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3
7808143042fbcd9c83e7317c8093f5591090459cfcfeed13def9b6692b4cb33d
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7968d756ec269a914e5865fe0269c38a0be1961c483861687df9f30ab37e7323
79eff54975f1d24289239d6f06e634476788b5fc4ad8acfcb30a8c4f0c785259
7a1300b34d3eed29e9beba850447417dfa3c8861094065a5222582b5f73d07bf
7a42dac047c13d30244074e7c1caf24f3c12a5af603c8e15b79b1bb84236dcb5
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b95cd5fc12d603eb71470d4d2c81469d9d3da90aa473ac22f964708c17c0855
7b9d736296e51ab1b4f0bbc27a7278948475017df4c35b06fcced7712fcf6317
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ddeb3e9913d796ddcbd29b35dbb5b47738fb73766081a6192b8d2b81c00145a
7f86051dede7c72c3eb1fcf1c99b5fb74fa2ed9ab211b8397f3351e78c68a9ae
803da1bb4847686a77ebf4d0d603c1eaa0557a412488f3ea32a8205724fa6416
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837184829968a808940c14095538c4e793042ad1a0b6aae7e97bcbbf748b3272
83d854c625695fdcf3b5a05cae0e270808a60ac505d6760c01d924bbcd7678f9
84242d07bd804b647a31c9378eb34602611bba456006cf71f02b35a58ffc03f5
84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be
874e10980e11d7cad2d56c010f2966f85980aa037d1af07c45e988915fce37bb
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a6a93ea3efdcf82eb1099512101ba3d432a39c97c5d6de89979d21529b19455
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9129002b63bccf060bd09187e084972593041b512dbc5758be595024dd4c427b
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
93c270e3d09f2601438dd1066b9b017cbf846648cf7824dd434c20b64bd4311d
94221a65787d5a2b9f338694275ac372145a63950d91e29ca0b9ddbce1850496
94d9e5ef48e3ab454b4e21618558047eaa7d16e855c7a6020d38515a2a2f66c3
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
968ef660b9fd0ae5eba0e203f4222efcb5d7395052d9b5fd57ca60fbf6836173
978ddf3ddbf0fe3fb2aa857326a2dc7a202193a10b95b1d011328f162ab6e598
9824e94837a20868becd224aa351cbcd1c58a33cc41ad3db9833756604453d12
98b87dda3916addb47464ca89c528b9b4224c6b16a979c7b970c572d0405b8b1
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7
9a40b0daed94f89fa6d569b4884fa3521ee227754264dfd6549e58d15a116c1f
9aab72897b7088cf44e1ef24caf460a004c1bcbf178af8887ac2e2b8f5532c81
9b12275083323ceb51a146fe53c7a412e63aedbbf7a75d709f65b966dedd35bb
9bef2545e0d85e8741a578c389a2e56bf3c4206c54585a78f5e43b219874b1d0
9e3d4c77f7cbb9767f079d68a925c5d0ba4225543e85eec3c313f9605533ed6f
9eb86c9033f937c3c20b310926eb81ed455236e64ac4955543cdc80ac9b80e83
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a16f5391af83443ff5d7b7e037a679cef2799d3dbdd09a03df59b76589d3b7b1
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2f861a7a85b9fda9adb6163a9f723328e5c4f6489bc6eee272c36851eb0076d
a3c58ad667efe3777a58169e026d87930a362ee19b7854d630d131dd118c2896
a3d6613aab2e0b0c074c485018837e7f44c0aa97b35178dee91b456d5f3744fe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542
a52376c24089ca091a0bcaeed02d6d76a0437da4920649c73168185167180399
a56299887f3e3e17b8d533cde3bd5a98a47d0ad14d111b4e82efbf2bcec269ab
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a83ec36c657f04438a7e2c8d9b9356a1904f827690e4f1683ff67de236e6dbd9
aa5b8f27efd753425650bc628c3d46d0d5025bdb9b66b20b5c1c3f9f7c1a18f7
abe3aa99e2acf0a113e6de6c4fa0c8c2becb65b2b487cdda05d80696116368ce
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac5d44354f62e5757b75abf2e319b4e0097d6444761931bc9bac3718662de503
ac6ac600055155d9508f5c91344f4d38fd154c021695f8c7e94ad1e2fbe93bba
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf278355a1dc96030d992f6a09e91d468533d6fd887cc7b6fa34d2e3f205ca1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a
af87df62f211ecee4b0b11916cc0faa8161d1f74eb50ef447e0c780dc6aedccc
b0a11946c643c14bb42fe182a9f7774797b304c21cfb3b00c3c45489b58fc5f1
b141ad4c62281a742b1a53a489c1a917fb1becc6de1538547fe207aa91d3a9f6
b265b61574bf1761b2db94d79eb59458f2c43d108317ab6f8cdd5d920356663b
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b575aeef71b681f100ae2cc7ed084dccc419c1eeb4c59ddf08f039d04c8a95d4
b74504106936db61dbe6f2f7fd27f17deaa5e56e6b5023706d82bf6d6022b3b9
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b95a8679eccf66eb56c5bd90d1c8f54a0717e85ac7966751ecbc7c9209324b0b
b9be933f76eee1c4bfe2b9a0e6719b32a5bdce5a4bc15601aea168e20e13a30a
ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f
ba0c6fbcb52b5ae4fbdfa89f7a26b1246d3ffed722353e730193af0fc3fcb9c6
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
bf445235a6bafdc2c7bfc76a7566dee3449c985ac2902123bfe57cd7685a00c4
c08cb8a1586d5c0d3fab3842f33f35910888ba571f399fa1115dd5973bc4303d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d2ef1ff7df915ce113c65a74b1ab59f37b543b2d4c9f8a1d27d82362bceb48
c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c4a19be42471f4cc440d94a18603893a88df48274ec54751f7fce163e4419820
c51bff01f0501c6ccfee48252aac8f1acc6e53e1c77d9e0377a5e5cf28a10ea2
c555183895342cf73bba93c0008e5a19100227e9451b3a9beda10ad75520db6a
c58e844e09964b214705c5a838adcfd1c729642dd35d1ad23b178359356292d6
c78e5e5aca54e87247679806332cb3e994bddc4ca1f1fb38cc418adace675677
c79788a5758405dd16060e1656c2a3e3e4d4228073a6024b4c2692fc8a8201a3
c84d2194296723d98f98e0faaec95caeb3672fb852166c7d6207bbfe1c94e8b0
c8759e432ec027305e7dbcfd98ccc28c327469f0bb34bea55424d474acb559bc
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
c982fb8f9251405427409102a2d61a2e2172fef50b18abf183e7d5deebf42ee6
cbaf07acd0356b90bb8d0ca983d2d2d19f7a3426e5b89c8cdcd9c9d28193fca8
cccba587a124ac942142683a38b5e050c96980f6f3a1944b0ce20cd131b08a81
cd201d7d3584bcbe6340c8d6a50e3e39724b090cde1d20677c39b8e93fbcf8ea
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174
d21cdd2d2f8a1dad3f6e38a8fef966c2695eea4140b6445372215c156751fd91
d44a49e27debed71398d388de2d14fb737d8ca72eaaaf7bea5972fcecf499a17
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d7f00ce89b3fcf2a99342796be029e2522c1d9b2df0c979430973d31c5c28440
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db7abf70710cf48cba0f432b42dc3425c3086bc9f8e1edbe9b30f112b66c5aea
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dbfe0921368b1900c399535b82f79911a027369bb65ccaa619f5a85067a475c4
dc1a52ae86bac0357413c1b738deca92d18294554d10ee0311ef5a1bdf07e6b6
dc3927666530e6096dcc9e840690f741c1e92c5479d06a1445ee15b7e9abd051
de4bf3cac42279a6a7122862e2b3d52282677fbdc7cf636c7e0e8f4852b21704
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
dfadf5827cd1cb8e06f04baa71fb287f4194df6ded812db61040bcd79ae6389c
e080e504f58f105af7861e295cc78fbf9420f0c8f62a74baf3085d00981cf1d7
e0a2a5931def4d018eb29d2906d98a42c85cf00e599c462c9d2696c4ecc2304f
e0cb7b9d74668fc8d5b47eff0049820ed5ec690cb021d9144136666a2d8450cf
e0e2ffffe3750006095cf806d4d74c2659ec0e369d29b3c9fd1834ec5ab4272b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1c054b47adf9e75a3b785b7ac87e5157bbeec4a86b82fb76bd4368b5db52187
e321f986f5872ca02ccdcf17714cd9c2977057a55b7acc52f42ca0c1c70741fd
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
e3722ebba0dda60a3219e19235a3ece2b1943eff8f41f1d7cc0fd08b835f4581
e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69846be1be704e8c2324dc7ca9e439a496a67d203a9322f1d2ab7ca5031f001
e6af40c18f2bd3bfc04e356506f5f806b9ef2fc9a445a549dc628d16dd445697
e8304367a445b903f4bc5086d5e6cd8b3d9cba811a288595c1fee8d75c51258e
e84241c754ae499317c9b231b08af54bd2aa760a567e3c1d95cf0b2b8f93a0db
e8d722e1fd577c1666df680d147ecd4942263221b6ce1a51b3d8a5d6bc2bcded
ea2236572ddb73cc9551a48e02761c8e48d1651b4e6e77f67bd46ba3e99ea780
ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0332a0c034778ac84cef0752adcb5097fbe7e360f5deadda3a7afd2198fe680
f13c139d48dadf2a0c42bc0d21525dcc27989bb3a4181b1d4d972e54c8a20b63
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
f26c53d46132ac896e7be512309cebe924b2c961a2594d26c3df554989b6a3ee
f32bfe6fbdb7ee9d2378e9ca8155f15d531ecbcd8520bbf1372663178dbf1fb6
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7160fe443d32f0e4578d3ab5416de8c267289613297a2d9dbcc75733425dc69
f7328a504bb54fed75618a15681f0d6723ea228932f7013ceb6b6dfefe5d60ce
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fa94fbaa578830445a67c013ef7c5fa47cd7a5e7ae96da6acef038ed86629e10
fb60690105f3079674472358be6ea5f803f4468e120500627e77b9e75abea178
fc1e29b7e257d1e6cdef87b1f8fb5f7427256253fe79044b5925a966e936866c
fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc
fd6c59c43d25ea7d61764d099e8c795d2c84cdd5f0fe84ba63acdb55f7f230fb
fd7bfbb6a7fb06e05f63465a4cc276f31712c673678ce792bac7ab605d2c0e7d
fdee9ead34651f90eb8881765a6985f9a4b1991b10ca34ac3163d03ef6ef1d25
fe0cd2a0886e1bb2b7096cf665a10a8d60b84c52ced448c293ecc5858028f49a
fe477e3dc74c39f58277bb9cbcf3480b0e3a0fb5933e9fe365a5de81115baa9e
fe60ef74644ae7c65f7491c33b579034a07d821ac49196441b7f5de0e66f7192
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
ff3688e860c33cccd0bac6d89cb2c571ed9f78aed7afa9ff4a296c38665a80c4
ffa60148c06588bd50ded71c0a7c847e4b78013210d90b50991501324c48d9f7
ffb33cb84b80fdbfcee5dcb1f179890741dfe54d830cf9eea42be0a1e59b35ec
ffee30afa8295eef0269df10349134fbd2af815f234e51b9ffdb0425d5e6cd23

www.thestar.com Open in urlscan Pro 108.138.17.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

433 Requests

93 %HTTPS

40 %IPv6

77 Domains

120 Subdomains

97 IPs

10 Countries

6547 kBTransfer

19580 kBSize

111 Cookies

18 Outgoing links

Page URL History

Redirected requests

433 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
108.138.17.76 Public Scan

Screenshot
Live screenshot

Full Image

433
Requests

93 %
HTTPS

40 %
IPv6

77
Domains

120
Subdomains

97
IPs

10
Countries

6547 kB
Transfer

19580 kB
Size

111
Cookies

433 HTTP transactions
2 data transactions