urlscan.io logo urlscan.io
SecurityTrails logo

www.thestar.com Open in urlscan Pro
108.138.17.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Effective URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Submission: On April 24 via api from IN — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 10 countries across 86 domains to perform 354 HTTP transactions. The main IP is 108.138.17.82, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 73033.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 27th 2022. Valid for: a year.
This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
11 55 108.138.17.82 16509 (AMAZON-02)
3 2600:9000:224... 16509 (AMAZON-02)
19 18.66.112.119 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
6 13.225.78.98 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 129.213.64.139 31898 (ORACLE-BM...)
13 18.66.97.82 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 34.96.102.137 396982 (GOOGLE-CL...)
7 51.104.28.77 8075 (MICROSOFT...)
1 2.19.229.113 16625 (AKAMAI-AS)
12 13.32.27.82 16509 (AMAZON-02)
1 3 13.32.121.72 16509 (AMAZON-02)
1 13.32.118.153 16509 (AMAZON-02)
1 52.222.250.70 16509 (AMAZON-02)
1 151.139.128.10 20446 (STACKPATH...)
3 13.224.192.181 16509 (AMAZON-02)
2 34.198.148.95 14618 (AMAZON-AES)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 172.217.16.134 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 3.232.207.16 14618 (AMAZON-AES)
1 35.241.9.51 15169 (GOOGLE)
2 3 37.252.171.53 29990 (ASN-APPNEX)
7 34.107.254.252 396982 (GOOGLE-CL...)
2 2600:1f18:44f... 14618 (AMAZON-AES)
2 52.51.135.19 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
1 18.66.100.58 16509 (AMAZON-02)
6 35.190.14.224 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.243.208.221 16509 (AMAZON-02)
2 13.37.25.97 16509 (AMAZON-02)
1 1 34.250.135.14 16509 (AMAZON-02)
2 54.204.6.114 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 104.18.43.178 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:b0c0:3:d... 14061 (DIGITALOC...)
4 2a03:b0c0:3:f... 14061 (DIGITALOC...)
1 2.19.229.10 16625 (AKAMAI-AS)
1 2a04:4e42:8d:... 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 54.155.18.159 16509 (AMAZON-02)
10 151.101.130.27 54113 (FASTLY)
1 2a04:4e42:200... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
10 35.244.232.184 15169 (GOOGLE)
2 18.64.141.78 16509 (AMAZON-02)
1 34.120.23.223 396982 (GOOGLE-CL...)
2 13.32.99.95 16509 (AMAZON-02)
4 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 54.230.207.225 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f18:143... 14618 (AMAZON-AES)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 146.75.116.157 54113 (FASTLY)
2 2a04:4e42:8d::84 54113 (FASTLY)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 142.250.181.230 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a04:4e42:400... 54113 (FASTLY)
3 151.101.64.84 54113 (FASTLY)
1 2600:9000:20e... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.122.78.123 16509 (AMAZON-02)
1 151.101.65.140 54113 (FASTLY)
2 2 13.248.245.213 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 52.212.169.30 16509 (AMAZON-02)
1 1 185.86.139.93 201081 (SMARTADSE...)
1 37.157.6.247 198622 (ADFORM)
2 2 3.125.111.141 16509 (AMAZON-02)
1 216.52.2.86 30282 (AS-INAPCD...)
2 2 35.227.252.103 15169 (GOOGLE)
2 15.197.193.217 16509 (AMAZON-02)
2 2 52.51.235.201 16509 (AMAZON-02)
2 2 3.71.149.231 16509 (AMAZON-02)
1 18.194.204.152 16509 (AMAZON-02)
2 2.19.228.187 16625 (AKAMAI-AS)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.183 1299 (TWELVE99 ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 1 2620:116:800d... 16509 (AMAZON-02)
4 4 142.250.186.98 15169 (GOOGLE)
1 52.209.248.17 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 3.218.36.50 14618 (AMAZON-AES)
3 3 37.157.4.28 198622 (ADFORM)
1 35.204.74.118 396982 (GOOGLE-CL...)
2 2 185.80.39.216 ()
2 2 54.220.217.136 ()
1 198.47.127.20 ()
354 104
3    2a02:26f0:480:7a3::3277 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apple.news
8    2a02:26f0:6c00:1a9::1aca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.apple.com
55    108.138.17.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-82.fra56.r.cloudfront.net
www.thestar.com
3    2600:9000:2240:f800:16:970:b940:93a1 (United States)

ASN16509 (AMAZON-02, US)
prebid.the-ozone-project.com
19    18.66.112.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-119.fra56.r.cloudfront.net
z737.thestar.com
8    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
6    13.225.78.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-98.fra2.r.cloudfront.net
images.thestar.com
1    2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2600:9000:223c:7600:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
1    2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    129.213.64.139 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
torstar.gscontxt.net
13    18.66.97.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-82.fra56.r.cloudfront.net
resources.thestar.com
1    2606:4700:20::681a:990 (United States)

ASN13335 (CLOUDFLARENET, US)
static.app.delivery
8    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
7    51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adserver.pressboard.ca
sr.studiostack.com
1    2.19.229.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-113.deploy.static.akamaitechnologies.com
z.moatads.com
12    13.32.27.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-82.fra56.r.cloudfront.net
playback.oovvuu.media
3    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    13.32.118.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-153.fra60.r.cloudfront.net
d1nxn87txdj54y.cloudfront.net
1    52.222.250.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-70.fra60.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.petametrics.com
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    34.198.148.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-148-95.compute-1.amazonaws.com
torstar.blueconic.net
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
s0.2mdn.net
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.nl
adservice.google.com
2    3.232.207.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-207-16.compute-1.amazonaws.com
api.parsely.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
3    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
7    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
2    2600:1f18:44f0:4851:ca80:f712:6be1:b2f7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    52.51.135.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-135-19.eu-west-1.compute.amazonaws.com
dpm.demdex.net
7    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
6    35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com
query.petametrics.com
3    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    34.243.208.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-208-221.eu-west-1.compute.amazonaws.com
torontostarnewspaperslimited.demdex.net
2    13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
s.thestar.com
1    34.250.135.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-135-14.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    54.204.6.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-6-114.compute-1.amazonaws.com
i.viafoura.co
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
15    104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a03:b0c0:3:d0::be2:3001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
push.kumulos.com
4    2a03:b0c0:3:f0::1bc:5000 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
events.kumulos.com
1    2.19.229.10 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-10.deploy.static.akamaitechnologies.com
players.brightcove.net
1    2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)
oovvuu-logos-prod.imgix.net
8    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
10    151.101.130.27 (United States)

ASN54113 (FASTLY, US)
edge.api.brightcove.com
manifest.prod.boltdns.net
1    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
3    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
10    35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com
metrics.brightcove.com
2    18.64.141.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-141-78.mct50.r.cloudfront.net
api.thestar.com
1    34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com
engagefront.theweathernetwork.com
2    13.32.99.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-95.fra60.r.cloudfront.net
cf-images.us-east-1.prod.boltdns.net
4    2a02:26f0:780::210:ca62 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
prod-oovvuu.akamaized.net
1    54.230.207.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-207-225.ham50.r.cloudfront.net
aax.amazon-adsystem.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9e840b35f6f10f308b6cfb67106a260e.safeframe.googlesyndication.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2600:1f18:1430:9000:22e9:2dfd:5b04:f57a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pixel.thestar.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
10230056.fls.doubleclick.net
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    151.101.64.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
1    2600:9000:20eb:a000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    3.122.78.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-78-123.eu-central-1.compute.amazonaws.com
crb.kargo.com
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.212.169.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-169-30.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
1    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    3.125.111.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-111-141.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    52.51.235.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-235-201.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    18.194.204.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-204-152.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2.19.228.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    52.209.248.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-248-17.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    3.218.36.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-36-50.compute-1.amazonaws.com
a.audrte.com
3    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    185.80.39.216 (None, )

ASN- ()
ssum.casalemedia.com
2    54.220.217.136 (None, )

ASN- ()
ad2.360yield.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
99 thestar.com
www.thestar.com — Cisco Umbrella Rank: 73033
z737.thestar.com — Cisco Umbrella Rank: 473999
images.thestar.com — Cisco Umbrella Rank: 227659
resources.thestar.com — Cisco Umbrella Rank: 319574
s.thestar.com — Cisco Umbrella Rank: 578106
api.thestar.com — Cisco Umbrella Rank: 560824
pixel.thestar.com — Cisco Umbrella Rank: 646881
2 MB
24 google.com
news.google.com — Cisco Umbrella Rank: 7327
accounts.google.com — Cisco Umbrella Rank: 92
region1.analytics.google.com — Cisco Umbrella Rank: 2930
play.google.com — Cisco Umbrella Rank: 74
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2078
184 KB
18 the-ozone-project.com
prebid.the-ozone-project.com — Cisco Umbrella Rank: 24102
elb.the-ozone-project.com — Cisco Umbrella Rank: 8315
96 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
ad.doubleclick.net — Cisco Umbrella Rank: 201
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
10230056.fls.doubleclick.net — Cisco Umbrella Rank: 690054
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
178 KB
14 brightcove.com
edge.api.brightcove.com — Cisco Umbrella Rank: 6704
metrics.brightcove.com — Cisco Umbrella Rank: 5050
10 KB
12 oovvuu.media
playback.oovvuu.media — Cisco Umbrella Rank: 286086
58 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage4.pubmatic.com
27 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
9e840b35f6f10f308b6cfb67106a260e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
44 KB
8 boltdns.net
cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 7633
manifest.prod.boltdns.net — Cisco Umbrella Rank: 7009
110 KB
8 kumulos.com
push.kumulos.com — Cisco Umbrella Rank: 217383
events.kumulos.com — Cisco Umbrella Rank: 115412
6 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
515 KB
8 apple.com
www.apple.com — Cisco Umbrella Rank: 245
792 KB
7 gstatic.com
www.gstatic.com
162 KB
7 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2596
1 KB
7 parsely.com
api.parsely.com — Cisco Umbrella Rank: 19796
cdn.parsely.com — Cisco Umbrella Rank: 3747
p1.parsely.com — Cisco Umbrella Rank: 3160
44 KB
7 petametrics.com
cdn.petametrics.com — Cisco Umbrella Rank: 19597
query.petametrics.com — Cisco Umbrella Rank: 20070
50 KB
6 studiostack.com
sr.studiostack.com — Cisco Umbrella Rank: 76076
27 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3102
3 KB
4 adform.net
cm.adform.net — Cisco Umbrella Rank: 1622
dmp.adform.net — Cisco Umbrella Rank: 3752
c1.adform.net — Cisco Umbrella Rank: 908
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
www.linkedin.com — Cisco Umbrella Rank: 779
px4.ads.linkedin.com — Cisco Umbrella Rank: 6554
3 KB
4 akamaized.net
prod-oovvuu.akamaized.net — Cisco Umbrella Rank: 722151
3 MB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
imasdk.googleapis.com — Cisco Umbrella Rank: 520
574 KB
4 google.nl
www.google.nl — Cisco Umbrella Rank: 6376
adservice.google.nl — Cisco Umbrella Rank: 11490
1 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13513
i.viafoura.co — Cisco Umbrella Rank: 13640
7 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
60 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 926
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 519
13 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
265 B
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1180
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 401552
5 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
3 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
3 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1542
api.btloader.com — Cisco Umbrella Rank: 1745
7 KB
3 apple.news
apple.news — Cisco Umbrella Rank: 282
17 KB
2 360yield.com
ad2.360yield.com
703 B
2 casalemedia.com
ssum.casalemedia.com
2 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
497 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
562 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
691 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5438
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
529 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1886
672 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
965 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 535
797 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 896
18 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
177 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1707
1 KB
2 blueconic.net
torstar.blueconic.net — Cisco Umbrella Rank: 453081
2 KB
2 cloudfront.net
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
2 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5046
2 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
612 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
589 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
795 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 941
363 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
737 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
364 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
277 B
1 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2556
307 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
239 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1867
157 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 2477
462 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1274
7 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604
398 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1749
8 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1365
5 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 912
726 B
1 t.co
t.co — Cisco Umbrella Rank: 584
377 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 964
15 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
16 KB
1 theweathernetwork.com
engagefront.theweathernetwork.com — Cisco Umbrella Rank: 4455
281 B
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 6288
7 KB
1 imgix.net
oovvuu-logos-prod.imgix.net — Cisco Umbrella Rank: 436017
5 KB
1 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 4719
243 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1516
517 B
1 prmutv.co
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 491941
394 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
25 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 681
54 KB
1 pressboard.ca
adserver.pressboard.ca — Cisco Umbrella Rank: 141580
789 B
1 app.delivery
static.app.delivery — Cisco Umbrella Rank: 75909
32 KB
1 gscontxt.net
torstar.gscontxt.net — Cisco Umbrella Rank: 336425
297 B
1 permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 333376
144 KB
1 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 12517
12 KB
0 districtm.io Failed
dmx.districtm.io Failed
354 86
Domain Requested by
55 www.thestar.com 11 redirects apple.news
www.thestar.com
19 z737.thestar.com www.thestar.com
z737.thestar.com
15 elb.the-ozone-project.com prebid.the-ozone-project.com
elb.the-ozone-project.com
ads.pubmatic.com
static.cloudflareinsights.com
13 resources.thestar.com www.thestar.com
resources.thestar.com
12 playback.oovvuu.media www.thestar.com
playback.oovvuu.media
apple.news
10 metrics.brightcove.com
8 play.google.com www.gstatic.com
8 www.googletagmanager.com www.thestar.com
www.googletagmanager.com
apple.news
8 news.google.com www.thestar.com
news.google.com
apple.news
www.gstatic.com
8 www.apple.com apple.news
www.apple.com
7 www.gstatic.com news.google.com
www.gstatic.com
7 api.permutive.com be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
6 manifest.prod.boltdns.net players.brightcove.net
6 query.petametrics.com www.thestar.com
6 sr.studiostack.com adserver.pressboard.ca
sr.studiostack.com
6 images.thestar.com www.thestar.com
5 image2.pubmatic.com ads.pubmatic.com
5 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 cm.g.doubleclick.net 4 redirects
4 prod-oovvuu.akamaized.net players.brightcove.net
4 edge.api.brightcove.com players.brightcove.net
4 p1.parsely.com cdn.parsely.com
4 events.kumulos.com static.app.delivery
4 push.kumulos.com static.app.delivery
4 securepubads.g.doubleclick.net www.thestar.com
securepubads.g.doubleclick.net
3 ct.pinterest.com s.pinimg.com
3 bat.bing.com apple.news
bat.bing.com
3 www.facebook.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 imasdk.googleapis.com players.brightcove.net
imasdk.googleapis.com
3 www.google.nl www.thestar.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 unpkg.com 2 redirects www.thestar.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 ib.adnxs.com 2 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
3 c.amazon-adsystem.com www.thestar.com
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects www.thestar.com
3 prebid.the-ozone-project.com www.thestar.com
prebid.the-ozone-project.com
3 apple.news apple.news
2 ad2.360yield.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 ads.pubmatic.com elb.the-ozone-project.com
ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 ads.avct.cloud 2 redirects
2 match.adsrvr.org elb.the-ozone-project.com
ads.pubmatic.com
2 rtb.openx.net 2 redirects
2 x.bidswitch.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 eb2.3lift.com 2 redirects
2 px.ads.linkedin.com 2 redirects
2 10230056.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 s.pinimg.com apple.news
s.pinimg.com
2 pixel.thestar.com connect.facebook.net
2 www.google.com tpc.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
10230056.fls.doubleclick.net
2 cf-images.us-east-1.prod.boltdns.net
2 api.thestar.com www.thestar.com
2 connect.facebook.net z737.thestar.com
connect.facebook.net
2 region1.analytics.google.com www.googletagmanager.com
2 i.viafoura.co www.thestar.com
2 s.thestar.com resources.thestar.com
2 api.btloader.com btloader.com
2 dpm.demdex.net resources.thestar.com
www.thestar.com
2 api.viafoura.co cdn.viafoura.net
2 api.parsely.com www.thestar.com
2 ad.doubleclick.net www.thestar.com
apple.news
2 ad-delivery.net www.thestar.com
2 torstar.blueconic.net z737.thestar.com
2 dev.visualwebsiteoptimizer.com www.thestar.com
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 match.sharethrough.com elb.the-ozone-project.com
1 ap.lijit.com elb.the-ozone-project.com
1 cm.adform.net elb.the-ozone-project.com
1 ssbsync-global.smartadserver.com 1 redirects
1 pixel.rubiconproject.com elb.the-ozone-project.com
1 alb.reddit.com
1 crb.kargo.com elb.the-ozone-project.com
1 static.cloudflareinsights.com elb.the-ozone-project.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 www.redditstatic.com apple.news
1 snap.licdn.com apple.news
1 googleads.g.doubleclick.net www.googletagmanager.com
1 analytics.twitter.com
1 t.co
1 static.ads-twitter.com apple.news
1 fundingchoicesmessages.google.com apple.news
1 9e840b35f6f10f308b6cfb67106a260e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 s0.2mdn.net imasdk.googleapis.com
1 engagefront.theweathernetwork.com
1 vjs.zencdn.net players.brightcove.net
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 oovvuu-logos-prod.imgix.net
1 players.brightcove.net playback.oovvuu.media
1 fonts.googleapis.com client
1 cm.everesttech.net 1 redirects
1 torontostarnewspaperslimited.demdex.net resources.thestar.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1 www.googletagservices.com www.thestar.com
1 cdn.petametrics.com www.thestar.com
1 d1z2jf7jlzjs58.cloudfront.net www.thestar.com
1 d1nxn87txdj54y.cloudfront.net www.thestar.com
1 z.moatads.com www.thestar.com
1 adserver.pressboard.ca www.thestar.com
1 static.app.delivery www.thestar.com
1 torstar.gscontxt.net www.thestar.com
1 btloader.com www.thestar.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app www.thestar.com
1 cdn.viafoura.net www.thestar.com
1 accounts.google.com www.thestar.com
0 dmx.districtm.io Failed elb.the-ozone-project.com
354 128
Subject Issuer Validity Valid
c.apple.news
Apple Public Server RSA CA 12 - G1		 2023-02-09 -
2023-08-07		 6 months crt.sh
www.apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-19 -
2023-05-19		 a year crt.sh
*.thestar.com
Trustwave Organization Validation SHA256 CA, Level 1		 2022-09-27 -
2023-10-19		 a year crt.sh
*.the-ozone-project.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-12-20		 10 months crt.sh
z737.thestar.com
Amazon RSA 2048 M01		 2023-02-06 -
2024-03-06		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-06		 7 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-03-11 -
2023-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-05 -
2023-08-05		 a year crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.pressboard.ca
Go Daddy Secure Certificate Authority - G2		 2023-02-13 -
2024-03-16		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
playback.prod.oovvuu.io
Amazon RSA 2048 M02		 2023-03-01 -
2024-03-29		 a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
cdn.liftigniter.com
R3		 2023-02-26 -
2023-05-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-06		 5 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-07-04		 4 months crt.sh
*.prmutv.co
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.studiostack.com
Go Daddy Secure Certificate Authority - G2		 2022-11-16 -
2023-12-18		 a year crt.sh
*.liftigniter.com
R3		 2023-04-08 -
2023-07-07		 3 months crt.sh
s.thestar.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.google.nl
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.kumulos.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-03 -
2023-06-02		 a year crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-07-28		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-03-05 -
2024-04-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-31 -
2023-05-01		 3 months crt.sh
brightcove.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-03-12 -
2024-04-12		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-08-30 -
2023-10-01		 a year crt.sh
metrics.brightcove.com
GTS CA 1D4		 2023-04-01 -
2023-06-30		 3 months crt.sh
engagefront.theweathernetwork.com
GTS CA 1D4		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.prod.boltdns.net
Amazon RSA 2048 M01		 2023-03-02 -
2023-11-18		 9 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
pixel.thestar.com
Amazon RSA 2048 M01		 2023-03-02 -
2023-07-07		 4 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-08		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-14 -
2023-11-14		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-01 -
2023-10-01		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2023-10-08		 6 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01		 2023-02-13 -
2024-03-12		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2023-10-15		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 19 frames:

Primary Page: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Frame ID: 47979D18570A3798AE1DAEAD64CAB02E
Requests: 278 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1682322712279&publicationId=thestar.com
Frame ID: 2813B6339A205C5EB3212036CD0CEC52
Requests: 14 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 2C94D85FCAEAACDE33AA84E891B984A0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: B0F786C92DD9B8098C6CB09409F46288
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: C8C303752863D37333CA4DD717D47587
Requests: 1 HTTP requests in this frame

Frame: https://9e840b35f6f10f308b6cfb67106a260e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6EF8D3D7F3EF22A5C2099107DA1C7969
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C93F7E6BB5E5DB1A1BD3FA93E4E9F98F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E0D12D4DCAE3F9E924421530011E08E
Requests: 2 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Frame ID: E37B763C29F7A6873997D6A60EE35670
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BA6200583D74CE15DDDC5391E8969AAB
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Frame ID: 60918E9BEF0ACEC779B81F6D82442F45
Requests: 21 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: D9C3779593AE69D85E12C8AC1B3E1B30
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 8101CCAE023557468D6740A2DF71FF78
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d90f6446-3520-4c00-b8dd-23c5f93891a1&gdpr=0&gdpr_consent=
Frame ID: 34DA5AD395B07136E167C1ABB06F73AF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7611324175373130344
Frame ID: 5C384CF32A361EFE8AF6B204B60F63D0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8C669177026CBE3E1588A97A9FE23B3D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727404957715
Frame ID: FEEBDB8DB62E784877693AFBDDF40E32
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv
Frame ID: 8621FB0BBB138CEC0BB98BD44DE0192F
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=CE8F1DBF-5AE5-40B7-AE22-0334C43C06DF
Frame ID: A175A3AB5F4B644DAF90C8CD725D9A8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Peel police investigating heist of gold, high-value goods from Pearson | The Star

Page URL History Show full URLs

  1. https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ Page URL
  2. https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pears... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

354
Requests

89 %
HTTPS

38 %
IPv6

86
Domains

128
Subdomains

104
IPs

10
Countries

9623 kB
Transfer

20285 kB
Size

118
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ Page URL
  2. https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682322712440&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&c8=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&c9=https%3A%2F%2Fapple.news%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682322712440&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&c8=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&c9=https%3A%2F%2Fapple.news%2F
Request Chain 105
  • https://unpkg.com/web-vitals HTTP 302
  • https://unpkg.com/web-vitals@3.3.1 HTTP 302
  • https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js
Request Chain 111
  • https://cm.everesttech.net/cm/dd?d_uuid=75254817816889434370125951155054892523 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEY1GQAAANn7lANx
Request Chain 154
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2 HTTP 302
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf
Request Chain 155
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2 HTTP 302
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf
Request Chain 156
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2 HTTP 302
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf
Request Chain 157
  • https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2 HTTP 302
  • https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf
Request Chain 158
  • https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?v=e4106b07 HTTP 302
  • https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?rf&v=e4106b07
Request Chain 159
  • https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2 HTTP 302
  • https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?rf&v=fe7e45c2
Request Chain 160
  • https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf HTTP 302
  • https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf?rf
Request Chain 161
  • https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2 HTTP 302
  • https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2?rf
Request Chain 162
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2 HTTP 302
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2?rf
Request Chain 163
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2 HTTP 302
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2?rf
Request Chain 164
  • https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2 HTTP 302
  • https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2?rf
Request Chain 292
  • https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html HTTP 302
  • https://10230056.fls.doubleclick.net/activityi;dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Request Chain 305
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1682322716793&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1682322716793%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252Fnews%252Fgta%252F2023%252F04%252F20%252Fpeel-police-investigating-possible-gold-heist-from-pearson.html%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1682322716793&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1682322716793&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&liSync=true&e_ipv6=AQKfo4-6pwMFxwAAAYeyP3pkrO2KxJvi93t4akKWhvJpveI-t4ZHGDWi4X-fkvnHPaA7U8w
Request Chain 317
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1938029788449510628412
Request Chain 320
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAGhpU7IjGoAACDtitnEMw
Request Chain 321
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5488056305867454430
Request Chain 325
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=de140195-7cb8-4175-8ca9-69605769dc5b
Request Chain 328
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=dcb2d081-1054-4a11-b1bf-a54bd838ad2a
Request Chain 330
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=b9cc33fc-430c-4cb7-8e38-bc7dd0223932
Request Chain 331
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID&verify=true HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-sPrfb8tE2uHtcdriCslc7KdMzE2Zk8YJA5mLXXk-~A&gdpr=0
Request Chain 335
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d90f6446-3520-4c00-b8dd-23c5f93891a1&gdpr=0&gdpr_consent=
Request Chain 336
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7611324175373130344
Request Chain 338
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727404957715
Request Chain 339
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zo8dv1rlQLeuIgM0xDwG3w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 343
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2534061181
Request Chain 344
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CE8F1DBF-5AE5-40B7-AE22-0334C43C06DF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NjhpUURadUV6WHJSOWloZklXbENjNnZEdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=634108300491404176&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0U4RjFEQkYtNUFFNS00MEI3LUFFMjItMDMzNEM0M0MwNkRG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENlPrM0cqCekHGE7k0Yn_3k&google_cver=1
Request Chain 348
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=634108300491404176
Request Chain 350
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZEY1IPCcGqovDYq9pJN6lgAA%265233
Request Chain 351
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1dc2dc29-e945-4c22-8c5f-01992bc16473
Request Chain 352
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8230516628423329191

354 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
AmHA-JiMQR2ixH6dNYB0I6Q
apple.news/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:7a3::3277 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/95779042ce47cd62b074b0c0e0b31038c863cb9c /
Resource Hash
e9b619d0dd6694a9e98ff52d8f82d804838476f0dc2911be8c008097ac3061f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
public, no-transform, max-age=210
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2452
Content-Type
text/html
Date
Mon, 24 Apr 2023 07:51:50 GMT
Server
AppleHttpServer/95779042ce47cd62b074b0c0e0b31038c863cb9c
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000
Vary
Accept-Encoding
X-B3-TraceId
323e3059eb3ce95d
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1
fonts
www.apple.com/wss/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a9::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://apple.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:51:50 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-length
913
x-xss-protection
1; mode=block
cteonnt-length
15185
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apple
etag
433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
max-age=0, no-cache
expires
Mon, 24 Apr 2023 07:51:50 GMT
index.css
apple.news/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apple.news/css/index.css
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:7a3::3277 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/95779042ce47cd62b074b0c0e0b31038c863cb9c /
Resource Hash
dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Mon, 24 Apr 2023 07:51:50 GMT
X-B3-TraceId
92045819369388e0
Connection
keep-alive
Content-Length
2100
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 01 Jan 1970 00:00:01 GMT
Server
AppleHttpServer/95779042ce47cd62b074b0c0e0b31038c863cb9c
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Mon, 24 Apr 2023 07:51:50 GMT
Appicon_v6.png
apple.news/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apple.news/images/Appicon_v6.png
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:7a3::3277 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/95779042ce47cd62b074b0c0e0b31038c863cb9c /
Resource Hash
b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
Date
Mon, 24 Apr 2023 07:51:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 01 Jan 1970 00:00:01 GMT
Server
AppleHttpServer/95779042ce47cd62b074b0c0e0b31038c863cb9c
X-B3-TraceId
1f84b974f85c63f9
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11329
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Apr 2023 07:51:50 GMT
sf-pro-display_heavy.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_heavy.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a9::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:51:50 GMT
last-modified
Thu, 16 Jun 2022 22:54:44 GMT
server
Apple
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-187-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=1673
content-length
162416
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 08:19:43 GMT
sf-pro-display_bold.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 		150 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_bold.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a9::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:51:50 GMT
last-modified
Thu, 16 Jun 2022 22:54:44 GMT
server
Apple
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-187-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=1376
content-length
153880
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 08:14:46 GMT
sf-pro-display_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 		138 KB
139 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_regular.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a9::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:51:50 GMT
last-modified
Thu, 16 Jun 2022 22:54:44 GMT
server
Apple
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-187-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (A)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=354
content-length
141324
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 07:57:44 GMT
SFProIcons_semibold.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_semibold.woff
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a9::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:51:50 GMT
last-modified
Thu, 16 Jun 2022 22:54:50 GMT
server
Apple
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-187-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=3125
content-length
8868
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 08:43:55 GMT
SFProIcons_regular.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_regular.woff
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a9::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:51:50 GMT
last-modified
Thu, 16 Jun 2022 22:54:50 GMT
server
Apple
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-187-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=3228
content-length
10380
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 08:45:38 GMT
sf-pro-text_semibold.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 		166 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_semibold.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a9::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:51:50 GMT
last-modified
Thu, 16 Jun 2022 22:55:03 GMT
server
Apple
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-187-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2949
content-length
169880
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 08:40:59 GMT
sf-pro-text_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 		152 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_regular.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a9::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:51:50 GMT
last-modified
Thu, 16 Jun 2022 22:55:03 GMT
server
Apple
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-187-156.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=610
content-length
155504
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 08:02:00 GMT
Primary Request peel-police-investigating-possible-gold-heist-from-pearson.html
www.thestar.com/news/gta/2023/04/20/ 		179 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
868bc7842890371d6e834cfa57d396d6896114c884761d49286e9deef805da83
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://apple.news/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
https://amp.thestar.com
age
64
cache-control
max-age=180
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 24 Apr 2023 07:50:47 GMT
etag
W/"2ca0a-6K23j3i22Xv69xW/LH4jGdcqEyQ"
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
vary
Accept-Encoding
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-id
xJFVBsVIFv3l2erop2gzKPrnu6mlq3pW8lu6WA-LIvwxlF7uzczXRA==
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
x-frame-options
SAMEORIGIN
x-powered-by
Express
TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 		24 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:45:44 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
367
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"6028-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
xvwFnAdGAcSaYUFlWhDUTzrKSRRL1jBvReDWWLih7qQn5iFNn0MQqQ==
TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:11:13 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2438
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18316
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"478c-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
DD4X9gBut4izs55QtVzUcuCMScLpR9od2d1EnzQWtodFisk7TJlkgA==
TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11497
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18276
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"4764-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
_DWjudWQVRvo59AF5AW3Xxbaz60pOT5zHM75F0YUwdMGqU7jtqs_cg==
TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:11:21 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
13230
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
19052
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"4a6c-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
Zk6TyaCHAxevDPhZyvPH5Us2tsJyTQjicaeVb_gO1xzLMMst1I2bpw==
TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:59:31 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
6740
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18736
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"4930-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
sKkM6uG2YaLXWlcdaz57xWrzx0UXmL8u-ioooMUqhn6f_KiG6wXb3A==
MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 06:28:27 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
5004
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
55032
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"d6f8-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
fOK3G7w3ifJkVkjL2TGJ4d0jbvMAofQH70Jy3VbBtDs98aP_ev3frg==
MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:32:00 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
8391
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
53664
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"d1a0-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
DTF7_TVpz82Hda2SBYoe0XQYg2L87kk1ugPpusPYyG9aMg6ANrAYxw==
MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:36:15 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11736
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
56380
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"dc3c-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
14kH2X1p4Y-r3w0BVlmcFxW0aGAYM_Wz4Ld7Bo5-yHKmHNCeFybCsw==
MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:06:52 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
13498
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54800
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"d610-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
XDPwp-06uJE2pn7cKokBANgGrPNaXLbawK5CQeMx7_VF-RodGcoe1g==
MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:06:28 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
9923
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54304
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"d420-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
mBbQOuynSHscz68AbYBR34pkuL_IgSJxql-yyQTJKcDj-5b5rzqE7Q==
toronto-star-adunits.js
prebid.the-ozone-project.com/hw/torstar/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:f800:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 12:41:30 GMT
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 02:13:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
69089
etag
W/"47ec15276ab051ddd124dd65b61efb8f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
TSVMSPbPDFsB7B7lod9DnPAd58Ij23d2oHXgxIkKxzOcikg8DlbWWA==
script.js
z737.thestar.com/ 		137 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/script.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
df3d837188427a952cf3fe8f11ff624126b6ebba83aae12346f8a9e1439d06a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
age
441
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
41791
x-xss-protection
1; mode=block
last-modified
Mon, 24 Apr 2023 07:43:33 GMT
server
-
etag
6c43629cb1a83818902940adbd9d83c7
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
qZ0lwO3MxEUK055e47dZ4FvWWPblQNTSVccM2FaSCBISDgsKEqmyrw==
expires
Mon, 24 Apr 2023 07:54:30 GMT
swg.js
news.google.com/swg/js/v1/ 		199 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f965edac88af0f6256b829edf6d96a291528b0a17122b51a104d05662013ad53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59098
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 16:07:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 08:26:25 GMT
peel_insp_duivesteyn.jpg
images.thestar.com/4UwxzFSFlYEZipUwBOTGTnUriss=/1086x738/smart/filters:cb(1682110884961):format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/20/peel-police-investigating-possi... 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/4UwxzFSFlYEZipUwBOTGTnUriss=/1086x738/smart/filters:cb(1682110884961):format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson/peel_insp_duivesteyn.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
52a7a65dda1d3e7fed364639ad3abc29c98d846a672725e85fb5495c0d4da127

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:32:53 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
209938
etag
"243d02db86aff4274cc5decd2dd10ba1f7f1c8da"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
46456
x-amz-cf-id
5YE3MeaAhJBuMSnfckVbmVVRGo-c066gs8W9P5iRAzFkFBTKaOPdlQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
swg-gaa.js
news.google.com/swg/js/v1/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-gaa.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72b11bc16ba81355d4be89e3f7d316d9e9dec7c33a43d45c2277b0df713a4ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:27:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21047
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 16:07:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 08:17:48 GMT
client
accounts.google.com/gsi/ 		195 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
152aea92bb7fee90b69c1e0df5c623b6ec5c5967c05579f7146d30142cf5b1cb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce--NnYWzZsIBiGzHr63KpQrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce--NnYWzZsIBiGzHr63KpQrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 24 Apr 2023 07:51:51 GMT
index.js
cdn.viafoura.net/entry/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/entry/index.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17d2cfd578db50914e4001a627bfdb056a3b1a8dbeda689659d3066c38c835ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
gwo2choO78uf6F.231T6lStwRb27Wy4K
content-encoding
gzip
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 07:42:12 GMT
x-amz-cf-pop
FRA56-P2
age
580
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 21 Feb 2023 15:42:10 GMT
server
AmazonS3
etag
W/"7d22c0834a6b3da8d83d47ee2273a99c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,s-max-age=60
x-amz-cf-id
QL2Pp53c5JspkA3jRg4ox3uj_Er-HcCC2wmSDBtMzBFTAdgCDC8rCA==
74.css
www.thestar.com/static/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 17:05:31 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
53180
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"19a0-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
x-amz-cf-id
mKwWjP3Q9nZwHDUnOI1pPaSdy4CVGnYBycPKCE2WhJhU3TbNgD7WjQ==
bundle.css
www.thestar.com/static/ 		406 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
8243d86bc0a0ca16050e56375ae55b7da0d205f48a1b5b18eadf9f20ecf00c9c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 17:05:31 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
53180
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"65664-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
x-amz-cf-id
qXNAaq5be6ZBDhBvSRiWOMI8ISqFJPg4gfckVWQpUwN5IzAUANuXnw==
be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 		480 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe477e3dc74c39f58277bb9cbcf3480b0e3a0fb5933e9fe365a5de81115baa9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
be54a597-6b6d-4e2d-9d31-642310a8db25
age
0
x-guploader-uploadid
ADPycduOxK5MCiRQT4Ghk42606j5zANeBJjmO7QuL7Nq8hJKDNSPrjI25s9VYJ5w9HGc5zYbwJO_BF-87KW7vMnofqqs9V6e1ia5
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Tue, 28 Mar 2023 11:06:16 GMT
server
cloudflare
etag
W/"28736cd9600df6d6da8c4f7bbc5a963d"
vary
Accept-Encoding
x-goog-generation
1680001576370736
content-type
application/javascript
x-goog-hash
crc32c=RDP1fw==, md5=KHNs2WAN9tbajE97vFqWPQ==
cache-control
public, max-age=900
x-goog-stored-content-length
151480
timing-allow-origin
*
cf-ray
7bccc3736ef50bd0-AMS
expires
Mon, 24 Apr 2023 08:06:51 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6197dc39b617396538503ee3dfc3d77ee347220eb447f1067f3a872bbdd4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25057
x-xss-protection
0
server
cafe
etag
695 / 19471 / 31074053 / config-hash: 6342739278968460252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Apr 2023 07:51:51 GMT
ads.js
www.thestar.com/assets/js/ 		22 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/js/ads.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:05:31 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
13580
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
22
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"16-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
D0Jz_94xCAaK4uv1YAZtE5_tzpSCIvLc1AQG6du_2DL0_d1NtBV6hw==
tag
btloader.com/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4743d5947000551def54c2e93abe246e0eba712fb3a6fe8d13b9d23a2f143f0d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Apr 2023 07:14:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2159
etag
W/"c65a3c6af2e51109a9b966a2b41c7559"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwQ1Z%2BdbNLsXxQKagGtgAsWlmK2o1ItZ7JsFzFsW7x4GTDa99U2KHCJ1U9aXqEgUFRLud0NKdGZGFecXdwHdWfQJ%2FxI6JZZYNbGCNcKSvUx6f6YwQDgw81pfTXrjWJQGqOm72hsGvlxwkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7bccc3736c7cb6fa-AMS
logo-toronto.svg
www.thestar.com/assets/svg/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/logo-toronto.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:09:38 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
13333
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"1df3-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
_UwcsHJUEirLBj5QnRfWdaJDZ_01RdE-IyP3NysRVho6mShK1lTaHw==
logo-round-thestar.svg
www.thestar.com/assets/svg/ 		589 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/logo-round-thestar.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:05:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
9958
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
589
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"24d-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
Wvqzq4-WvWULsTo7TSlfRdPEclLVpf4cc07yVIVZAeoCh0JMrhzeDQ==
vendors~bundle.chunk.js
www.thestar.com/static/ 		2 MB
482 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
c01528476711eaa0446515d7ccd143623a1eb7c74d11645f03cd1e86ea63bb8b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:23:00 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
55731
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"1b07b1-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
x-amz-cf-id
5EvAqTh9bD4UE4O1yJZqlS451msneHVzQbX4P_r95nltHIpai61WSA==
bundle.js
www.thestar.com/static/ 		1 MB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/bundle.js?v=f963b3e6
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
22bf9917be4dfaf8ae3765bfcaa625d4c1a5c3b795932dc34d32d4a77da3e658
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:23:00 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
55731
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"13e494-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
x-amz-cf-id
v9PbeZY2S5ut1pXdUEgmAdY-qGGNjQM6TqltkE8LjnFDzWRogpHYlQ==
ozpb.js
prebid.the-ozone-project.com/hw/torstar/ 		203 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:f800:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:20:18 GMT
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 18:26:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
9094
etag
W/"e08e5a6e68f37184e1c046d32d471d44"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
oTLDnW_rEilwkaz4iMy91xuKXWEx7Eb7Qc8JfIzhjY8uWl21lIvKaw==
ozp_global_int.min.js
prebid.the-ozone-project.com/hw/torstar/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:f800:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:42:24 GMT
content-encoding
br
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified
Thu, 28 Apr 2022 14:10:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
11368
etag
W/"c6e67d08c7c4a89b3155020045b68eb1"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
oySzfDzmPxABrnZViNlRzoXU5bjharNamINBUaCByHJK40lucJou1A==
channels.cgi
torstar.gscontxt.net/main/ 		219 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
129.213.64.139 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
920e19d37cc9f294e3dfbb51836a64b7fd0b39d9a3c9e2ab1032450a611c7cab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
219
Content-Type
application/javascript
launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
resources.thestar.com/ 		362 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7378bb30948ea6502b92a7dcf64fa47052f3e1157f0b5ab48a5c8a047fc03de4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
O7WgqjNuTHqJvC_N_C_KaxdDGx508mjW
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 05:37:54 GMT
last-modified
Fri, 31 Mar 2023 20:33:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
8038
x-amz-server-side-encryption
AES256
etag
W/"05feb774875ca0ef29f288702ae3d0b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
ibU4GWbvE_dd-qLOcldUl7z7V0NSkgV2_kYfSDBX86aMu8Uk-B22Pw==
main.js
static.app.delivery/sdks/web/ 		128 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.app.delivery/sdks/web/main.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:990 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3171
content-encoding
br
last-modified
Fri, 26 Nov 2021 12:00:54 GMT
server
cloudflare
etag
W/"61a0cc76-200b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbQA8U%2B%2FoLhnew%2FUAH5%2Bba4MlQTJlCZJd2ySwS5ndEklNNIIvHa2WqgHt8E%2FJAAQ3FbF5gCRw9wYzhcO4Zg%2F5F8furOT47YPasBEiM5U63sFJWByMITvThyuZa7Rar4A63rFNp3FtW%2Bn77jYVbP6Mqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7bccc3738fe0b8a0-AMS
expires
Mon, 24 Apr 2023 07:59:00 GMT
gtm.js
www.googletagmanager.com/ 		250 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd89bed782a8ac641c28addf662568a121a3ad2eaeb37ba3fc8c8b544f277b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89017
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
js_visitor_settings.php
dev.visualwebsiteoptimizer.com/deploy/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&random=0.5498965853880013
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
83894c8f2086b30672f1f28173248c96c434f79c9aed93683a031a7ccea85cb8

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 24 Apr 2023 07:51:50 GMT
content-encoding
gzip
via
1.1 google
server
gams1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/javascript; charset=UTF-8
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=DE327D472A3D577D836577DA1008F9561&h=76c9b1c331b6b72ea769ca185131c492&r=0.41166296819622406
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:51 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
embedder
adserver.pressboard.ca/v3/ 		351 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Mon, 24 Apr 2023 07:51:51 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
351
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
moatcontent.js
z.moatads.com/torontocontentstarcontent37863992/ 		165 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:22:35 GMT
server
AmazonS3
x-amz-request-id
31EA48740775C598
etag
"491121b0fb1268b17bdb2c53880291f2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=20116
accept-ranges
bytes
content-length
54912
x-amz-id-2
8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad5fc1a1f2e9f61750da7c5f657b4555458014b20726b06d78d3d2c1e60ee392

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
v1.js
playback.oovvuu.media/player/ 		389 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/player/v1.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
5398c0f9ed0af8a3eec8338635c1e876e3eb1d9fb253523cbfd2aa98709f8a7d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:51:41 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
10810
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, s-maxage=604800, max-age=0
content-length
389
x-amz-cf-id
0k4s0jHx1s395tNXkH88czup38i-r2HtMyxMlTwM_ta87InBH8pY-w==
material-icons-outlined-all-400-normal.woff2
www.thestar.com/static/assets/ 		126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?v=e4106b07
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
afa2d43bc5235e019048bf8eeb242859a5beff1fa165621f8deaa6385b799951
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 03:17:15 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
16476
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
128844
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"1f74c-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
40BT-NLKy0re9uRz-s4DSlC6qLes8xu2xnhwlRCmuzTpZvL9BGZAhA==
material-icons-base-400-normal.woff2
www.thestar.com/static/assets/ 		101 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:33:16 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11915
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
103852
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"195ac-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Nv7xppvsKco8sxiYLqhFRhZc_xjPlf2lt6JrI9NeUxMlWbqKA-MnaQ==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 03:22:04 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18104
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
L4WfPwdU9ueW6uv5Fn0P7tGFcCXPiZcNqdswrRS3riaRIMQLLbZECQ==
/
d1nxn87txdj54y.cloudfront.net/ 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-153.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 07:51:53 GMT
Via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
Last-Modified
Mon, 22 Apr 2013 19:31:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P1
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
RefreshHit from cloudfront
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
hHGErZGwx2vWqVGxc685G03eTtrFHFrit43M8RNZm-_yM3eb5RYqLg==
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-70.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 02:38:32 GMT
Via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Age
18799
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
oEUC0WJ_CPVePDDYd1Ml3h-PGVbMFWIxO9VDiwkef8B5db2nnsod_w==
Expires
Tue, 25 Apr 2023 02:38:32 GMT
q9fqmmutk5a97trs-nbc.js
cdn.petametrics.com/ 		157 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=467311
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
f7160fe443d32f0e4578d3ab5416de8c267289613297a2d9dbcc75733425dc69

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
content-encoding
gzip
x-amz-version-id
ERbVIarZ1rISsHslj8F21HdZHLRJTt8v
last-modified
Thu, 30 Mar 2023 03:36:46 GMT
server
AmazonS3
x-amz-request-id
5XQWM8PQRCPQSJ8A
etag
"bb66a896f1f818dad31656bdc8030f36"
x-amz-server-side-encryption
AES256
x-hw
1682322711.cds223.am5.hn,1682322711.cds279.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=31536000
accept-ranges
bytes
content-length
46842
x-amz-id-2
tBiuAHmtn2SAY49BoGVh9avXKF/o61gAQh7XspTZIZKXuTkm2PSN3ZJfgRF555QTSezWOacZnhY+JWxd9oQYfA==
apstag.js
c.amazon-adsystem.com/aax2/ 		226 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:03:49 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 20:25:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2883
x-amz-server-side-encryption
AES256
etag
W/"d0373f28cbce103f094bc2631a9c8dd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
lFxRyxIw_wLy5T4SEoN7mf9xvZ7YwbM_fBp_BuQtfMFcQ-yLIKaTpw==
Rankin_Jim_logo2015.JPG
images.thestar.com/M-qEt9x43GqVJpbVKLlpBocAeXk=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/M-qEt9x43GqVJpbVKLlpBocAeXk=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Rankin_Jim_logo2015.JPG
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8be9902de75306809167ab335f0b7668ac49f809459e6d0ffdcffb8e992aab21

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 02:13:26 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
452305
etag
"59a2915050afa9852657f5c050196998d581b421"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
1752
x-amz-cf-id
x_-P62g8KbYq0hb7RRTxl8dDLcs21gAHoHNWivx41AJYytvj90XLWg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cs
torstar.blueconic.net/DG/DEFAULT/ 		16 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json901
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.148.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-148-95.compute-1.amazonaws.com
Software
- /
Resource Hash
e41610c9babb56728df65b3b38eab8076c5d774fa9baf5fb66fd8b3de800a8bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 07:55:59 GMT
px.gif
ad-delivery.net/ 		43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117897
x-guploader-uploadid
ADPycdu1gutNV_MDJjmHU4fZFi_b8hPqhN3mfSHRMKIY3-uPX-GATLc78ULmDnGH2pAUUWIfc9ZN_UgKNeS3txdx2OGLNYHI9Hph
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wApS6h1TshmV8Q5TP3sPQie6eBfl10EvJ9BCxls%2FQcuwlw6%2FCmtfuN3BoPPJyiKdHKz9aNTJYFTxt4rI0hlxiCP4ItELUr9CAvt8EHEUpRwc5D84Ef6BwK4hTDlnZG46XLJipc%2BRsnAwbX05AA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bccc3755e6ab98e-AMS
expires
Sun, 23 Apr 2023 00:06:54 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:30:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 05:30:18 GMT
px.gif
ad-delivery.net/ 		43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7255516234452992
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117897
x-guploader-uploadid
ADPycdu1gutNV_MDJjmHU4fZFi_b8hPqhN3mfSHRMKIY3-uPX-GATLc78ULmDnGH2pAUUWIfc9ZN_UgKNeS3txdx2OGLNYHI9Hph
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFVYS70fW16AT7WxTny2ydLopghZzq20I%2FhdvX3hqpWchvtA2RmeWz8FL53q4WPLbB2EFtCLb8oN6czt625i6X3V9P7KrLRBWwa3FSx18DAfbsbnStgfXRtuBIE67L704KGa1CtwQemsaHXnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bccc3755e6cb98e-AMS
expires
Sun, 23 Apr 2023 00:06:54 GMT
gpt.js
www.googletagservices.com/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=f963b3e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b59469fc329a12bf75571996952e62a26c196cf7228978ad2f89c9a2c0100f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25053
x-xss-protection
0
server
cafe
etag
363 / 19471 / m202304180101 / config-hash: 6342739278968460252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Apr 2023 07:51:52 GMT
breakingnews
www.thestar.com/api/alerts/ 		19 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/alerts/breakingnews
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:45 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
age
7
x-powered-by
Express
etag
W/"13-dtK7HFxXRJGTWdPpmheUxDbkx20"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
content-length
19
x-amz-cf-id
9pRRkPJ-UJV-CedpbhrXVbA-TUWh5Q65S7f7uM518fCI_Q3_sy5GHQ==
updates
www.thestar.com/api/alerts/ 		19 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/alerts/updates
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:45 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
age
7
x-powered-by
Express
etag
W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
content-length
19
x-amz-cf-id
S4BiHt6NMO8ksxSFCKuC4ZuM2JKN-aLAt1pIc14JCjnFZ5vh4x-EeQ==
related
api.parsely.com/v2/ 		32 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.parsely.com/v2/related?apikey=thestar.com&tag=tlc_news&url=https:%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&limit=20&boost=views&pub_date_start=48h
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.207.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-207-16.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5ac638601f052e0363ac16c73d5de35fa4972f8318ae7c47d7e8c9ee8f1a6f76

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
server
nginx
x-cache-status
MISS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=120
expires
Mon, 24 Apr 2023 07:53:52 GMT
articles
www.thestar.com/api/ 		79 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/articles?type=top
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
eef44e6fcbb9fe6c4410e5af271f17004ceb9ecfd0a13badac3b5033c22df1db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:47:51 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
age
241
x-powered-by
Express
etag
W/"13cdf-0HEfjrHA93xYevqjZAARRer1JJ8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
x-amz-cf-id
EN8R84fkpnoECr_fO-GbG4wp6yRnXdtpIYPuZqLImBbuf2ZZIXuGwg==
posts
api.parsely.com/v2/analytics/ 		39 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.parsely.com/v2/analytics/posts?apikey=thestar.com&secret=XMZfv5sJ1L3qE6DZfkeSIh4mI4bCvQ1hZdyWNEOZAQg&sort=views&limit=20&page=1&period_start=15m
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.207.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-207-16.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3f374ce6ab4d73c3248de8123d28f1018a3fd7b9dce02aa96390f1f2fcfd7515

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
server
nginx
x-cache-status
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
expires
Mon, 24 Apr 2023 08:01:52 GMT
16.css
www.thestar.com/static/ 		257 B
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/16.css?v=77f92dd85f139b4be241
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=f963b3e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6118aab3972757bc62c6e4c730c32154718c63b74cffc6c66733af493c730139
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 08:06:37 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
85515
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
257
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"101-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
OmWwbU_FlZi8a7NuIqznJ9nBbZY-ISHed8ic1YSMEAqnPof6x42n-w==
RightRailAds-RightRailAds.chunk.js
www.thestar.com/static/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/RightRailAds-RightRailAds.chunk.js?v=a22db517
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=f963b3e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
c48bc4f01369f91ddac7a973f9c630a8855dc2d58776b0ca5b3afb6d675e80df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 21:58:30 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
35602
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"141e-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
x-amz-cf-id
R0LHJBYlqRo_tTL4AZEKQoGT8qICO-po3Bm6fyJDLU3MbYLTe-3Vyw==
indicator-icon.svg
www.thestar.com/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/img/indicator-icon.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
a88716b2e48961b771017aef83ad9bdacb13a354dc0b09c62b880e7a2f72d9c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:33:31 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11901
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"664-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
Hsw836tM4MPZsbQMeGQWL-NomtwIOn5FJYHYmU1via58hhNBNwVwag==
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff80676b83edc22ffea1a236b6cdbc8c9b27ce38d13b00033f6a1375fa3df377

Request headers

Referer
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 08:16:33 GMT
NSG-Logo-NSB.svg
www.thestar.com/assets/svg/ 		28 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/NSG-Logo-NSB.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
52c6b724460d1cc1eef6b6b43f27f26d9f17f392ca2148e0df83f05f3cbc9970
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 06:51:59 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
3593
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"6e4e-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
T9x-B2hpVnCnrtApSzrb8hf_C-5wo_QI3bG3YVAHmetcwt2dDHLkfA==
serviceiframe
news.google.com/swg/ui/v1/ Frame 2813 		16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1682322712279&publicationId=thestar.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2fc7fa1867c5b5a56ffcf58b5e693cdf18c84b2b9a7b8ff49716dccd1e7f6b9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-q9QOqt_MsjsOZOlBAPD4iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-q9QOqt_MsjsOZOlBAPD4iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Mon, 24 Apr 2023 07:51:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
pxid
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d5afa5c45d8f35e3899961359c93302ff03b0d9f119875a8e6cede9f39abf2f2

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 07:51:52 GMT
AN-X-Request-Uuid
dd465a66-8be3-4ace-953b-0533bc43684e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
31.204.152.196; 31.204.152.196; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
geoip
api.permutive.com/v2.0/ 		247 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d34702699b46f7a599791846b4fd48bf01d918c6b8104a7b9bc69980ba85623e

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171
watson
api.permutive.com/v2.0/ 		371 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c0cf676c86411d53783451c6d11cd8cb4baf3ba19940e588964794ee76d0e5a0

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682322712440&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investi...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682322712440&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-invest...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682322712440&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&c8=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&c9=https%3A%2F%2Fapple.news%2F
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
lpnrAD3xfBbJdo9j8pqA7DeAwBzkuCAsQR6ATTYaGVi4SFfNJXUMrA==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 24 Apr 2023 07:51:52 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682322712440&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&c8=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&c9=https%3A%2F%2Fapple.news%2F
content-length
0
x-amz-cf-id
6EUmgerAXhoAgIXcWkuYdwWlMaaeCE-Yuibneo-jsWMQm7H1ixL1nA==
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4851:ca80:f712:6be1:b2f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4ecf4138d52acb1c51f0bfd59fdbf2f789f5c50e64b7c3096bf991ff2685895e

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-instance-id
i-011df56a755e6ea4f
pragma
no-cache
date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 24 Apr 2023 07:51:52 GMT
entitlements
news.google.com/swg/_/api/v1/publication/thestar.com/ 		2 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/thestar.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4851:ca80:f712:6be1:b2f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4ecf4138d52acb1c51f0bfd59fdbf2f789f5c50e64b7c3096bf991ff2685895e

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-instance-id
i-012974efb09e420f0
pragma
no-cache
date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 24 Apr 2023 07:51:52 GMT
aa1fc6b2-fad7-40e4-b1d3-378e029739b3
https://www.thestar.com/ 		215 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/aa1fc6b2-fad7-40e4-b1d3-378e029739b3
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abe3aa99e2acf0a113e6de6c4fa0c8c2becb65b2b487cdda05d80696116368ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
220645
Content-Type
161791cc-d140-4726-8085-701be1a947f1
https://www.thestar.com/ 		215 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/161791cc-d140-4726-8085-701be1a947f1
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abe3aa99e2acf0a113e6de6c4fa0c8c2becb65b2b487cdda05d80696116368ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
220645
Content-Type
id
dpm.demdex.net/ 		387 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1682322712546
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.135.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-135-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f4d9efd3c46da657777d181f8f9fe84471736099b72352eecfc9db11e25e516a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v047-01de32611.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
8JUZTGs4TvA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.thestar.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
325
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
qWTwAI1e3LVy8Ptu3C2nBrtQDgrxEHc9
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 04:38:55 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
11587
x-amz-server-side-encryption
AES256
etag
W/"dfdd9e1f988805f0c2fbb10cd6b8f034"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
uIvLYERE8xIV9RCv1fpl6Z660vLEls9P_7bnq1ds5tFG6AbJHDLbjQ==
AppMeasurement_Module_ActivityMap.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Qd2H2xCI4iuIkIJUv_vAOOceWO355ujJ
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 04:23:52 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
12481
x-amz-server-side-encryption
AES256
etag
W/"b89fcb8870ac40eecb6d3cc844d35389"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
WNmv7hZei8UDOfb8IhKWAGVsbKDLspGNokIVt9n4wTn62xc20bIcwg==
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 2813 		0
25 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-4OLkR10N9hJmjNIzoFPDEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=1682322712279&publicationId=thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-4OLkR10N9hJmjNIzoFPDEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/ed=1/rs=ABXTjI4QWEPRvzQGURnmvRAPRWGC8RROcA/ Frame 2813 		521 B
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/ed=1/rs=ABXTjI4QWEPRvzQGURnmvRAPRWGC8RROcA/m=serviceiframeview,_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1682322712279&publicationId=thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 05:58:58 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs... Frame 2813 		198 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1682322712279&publicationId=thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52b3123de7b78e6b47142295712347436d22c0a3d81085916701203557fbce80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71541
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 02:50:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 19:02:36 GMT
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=KYrrEAHxD&w=5166328627855360&o=5071905434894336&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&sid=ZzAhWK79&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:51:52 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/ 		398 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js?cb=31074053
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 19:43:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
43706
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126571
x-xss-protection
0
server
cafe
etag
16530882680372410927
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 22 Apr 2024 19:43:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		298 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de4bf3cac42279a6a7122862e2b3d52282677fbdc7cf636c7e0e8f4852b21704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
x-xss-protection
0
expires
Mon, 24 Apr 2023 07:51:52 GMT
services
sr.studiostack.com/v3/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/v3/services
Requested by
Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2187d4835b3410f0adfeafd43e39ca5bb982f80ef6908be2273771a4d2ce3b2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Mon, 24 Apr 2023 07:51:52 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
26227
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
index.js
playback.oovvuu.media/player/v2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/player/v2/index.js
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
4eb1431d871d80d4fd51c3ec502d64aed4b1332fc6a0329dc9e4ee2137cb9ddd

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 03:50:03 GMT
content-encoding
br
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
273709
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=0
x-amz-cf-id
EQuivbl2vFB-0cIyV-XnjQBPExzeJ7zktQ8zA-tUFdVRXoAEMDxmiQ==
p.js
cdn.parsely.com/keys/thestar.com/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/thestar.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Mon, 24 Apr 2023 04:15:59 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 01:41:35 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
12953
etag
W/"62b5164f-12236"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
z8z4m48pjSkaoSJImPrjv3eJr0OJSLvNPbrVuLiT3XQ2_81VY3kFOg==
expires
Tue, 25 Apr 2023 04:15:59 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4936f78570a923a7e85ea0c70b531c55be1b811804cda22fc0ea27ebd3389a97

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/ 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/__activity.gif?e=pageview&ct=Peel+police+investigating+heist+of+over+%2420+million+in+gold+and+high-value+goods+from+Pearson+airport&ccu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&tspl=1661&blst=513&ist=1647&iet=1657&bdst=513&bdet=853&bcttt=19&jsfv=nbc&ts=1682322712708&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&uid=5903ee75-6dcc-470b-b218-830068e0ee85&sid=58af7795-b517-40af-8b50-53a5d9467524&pvid=5e5a36fb-d243-4a7c-be56-515ce0d2d61c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F112.0.5615.121+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.2&saveData=false&ctyp=unknown&ref=https%3A%2F%2Fapple.news%2F&tzo=0&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:51:52 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		103 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A52%2B00%3A00&ts=1682322712754
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
40fe4912c59338d43f21fda3535750983e21dd2b8b8664b2520d63e821d62c56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
16405
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
KkcS2yneJDjlEKGS6FUxNdgScjtnlAT2I8Nu2bSmIM0PNtJcgHo9ww==
expires
Thu, 01 Jan 1970 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:14:14 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
9458
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
OPWXu3k2dkVReRTmbwsKPqeix6O1hnPxoqdXlvF6eQHQq2AzBNnd8Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 06:28:19 GMT
x-amz-cf-pop
FRA2-C1
age
29589
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
GbGt_Hx3PLvPhxpmVfZiagosXSNqqwrrNCxtzqvLEoG1Q0t7urHprw==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 07:37:22 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
870
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 24 Apr 2023 09:37:22 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.3.1/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@3.3.1
  • https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
571215
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GY836PPFD6V2VBWGQV5C5SPK-ams
server
cloudflare
etag
W/"1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7bccc37d3faad0b9-AMS

Redirect headers

date
Mon, 24 Apr 2023 07:51:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GX618RSN0AHVC8JWWWRRAAYT-ams
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1714095
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.3.1/dist/web-vitals.iife.js
cache-control
public, max-age=31536000
cf-ray
7bccc37c1e1cd0b9-AMS
js
www.googletagmanager.com/gtag/ 		232 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56c941b1e3f874127b049f1bc080ab30d366f4c89fd577ba60fe027cfaac14a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81520
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 07:51:52 GMT
js
www.googletagmanager.com/gtag/ 		233 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70bac731b6e0fe4fd045f4c4481557ca4616884ca4b3a7729e165360788e9757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82006
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 07:51:52 GMT
model
query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/model
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
28e777b88e72313ccef8f8cd1152683583205300396a5bfeb59bad7008d09a78

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
dest5.html
torontostarnewspaperslimited.demdex.net/ Frame 2C94 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.208.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-208-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v047-0ce891180.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5NKgYM5CRls=
content-encoding
gzip
date
Mon, 24 Apr 2023 07:51:53 GMT
last-modified
Wed, 12 Apr 2023 09:58:14 GMT
vary
accept-encoding
id
s.thestar.com/ 		48 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=75218257341515758790122286036848578529&ts=1682322712867
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
3b35e8a9a0f663e530206b5269949ed035e6204502ba27b74ba8cbf0f75c9051
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.thestar.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZEY1GQAAANn7lANx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=75254817816889434370125951155054892523
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEY1GQAAANn7lANx
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEY1GQAAANn7lANx
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
HTTP/1.1
Server
52.51.135.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-135-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v047-077ee1b54.edge-irl1.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tXi/CXo7QQw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEY1GQAAANn7lANx
Date
Mon, 24 Apr 2023 07:51:53 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ingest
i.viafoura.co/v3/www.thestar.com/ 		67 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.thestar.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.thestar.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1682322712%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%223b008a42-a779-431e-af81-803a2a755dbb%22%2C%22firstVisit%22%3A1682322712%2C%22previousVisit%22%3A1682322712%2C%22currentVisit%22%3A1682322712%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1682322712%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22referral%22%2C%22source%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.thestar.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22section%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22pageImage%22%3A%22https%3A%2F%2Fimages.thestar.com%2F05NkIX2SB5dYAb2kJEFxj6ALIZc%3D%2F1200x815%2Fsmart%2Ffilters%3Acb(1682110884961)%3Aformat(webp)%2Fhttps%3A%2F%2Fwww.thestar.com%2Fcontent%2Fdam%2Fthestar%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson%2Fpeel_insp_duivesteyn.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html%22%2C%22path%22%3A%22%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html%22%2C%22title%22%3A%22Peel%20police%20investigating%20heist%20of%20over%20%2420%20million%20in%20gold%20and%20high-value%20goods%20from%20Pearson%20airport%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22Insp.%20Stephen%20Duivesteyn%20said%20the%20theft%20is%20an%20isolated%20incident%20and%20that%20people%20flying%20in%20and%20out%20of%20the%20airport%20are%20not%20in%20danger%22%2C%22topics%22%3A%5B%22News%22%2C%22gold%20heist%22%2C%22Pearson%22%2C%22Peel%20police%22%2C%22RCMP%22%2C%22smg_gta%22%2C%22smg2_news%22%2C%22InHouseArticle_thestar%22%2C%22dct_ts_gta%22%2C%22dct_ts_policing%22%2C%22dct_ts_crime%22%2C%22Stephen%20Duivesteyn%22%2C%22greater%20Toronto%20airports%20authority%22%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22e72948b0-dbec-41c3-9d71-1e09c3e023e9%22%2C%22w%22%3A%5B%22vf-conversations%22%2C%22vf-conversations-count%22%2C%22vf-tray%22%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.6.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-6-114.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
date
Mon, 24 Apr 2023 07:51:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest
i.viafoura.co/v3/www.thestar.com/ 		67 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.thestar.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.thestar.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22pageViews%22%3A3%2C%22outgoing%22%3A%2210%22%2C%22sessionStart%22%3A%221682322712%22%2C%22uniqueId%22%3A%223b008a42-a779-431e-af81-803a2a755dbb%22%2C%22firstVisit%22%3A%221682322712%22%2C%22previousVisit%22%3A%221682322712%22%2C%22currentVisit%22%3A%221682322712%22%2C%22visitCount%22%3A%221%22%2C%22referrerStart%22%3A%221682322712%22%2C%22refVisitCount%22%3A%221%22%2C%22ref%22%3A%7B%22medium%22%3A%22referral%22%2C%22source%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.thestar.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22section%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22pageImage%22%3A%22https%3A%2F%2Fimages.thestar.com%2F05NkIX2SB5dYAb2kJEFxj6ALIZc%3D%2F1200x815%2Fsmart%2Ffilters%3Acb(1682110884961)%3Aformat(webp)%2Fhttps%3A%2F%2Fwww.thestar.com%2Fcontent%2Fdam%2Fthestar%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson%2Fpeel_insp_duivesteyn.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html%22%2C%22path%22%3A%22%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html%22%2C%22title%22%3A%22Peel%20police%20investigating%20heist%20of%20over%20%2420%20million%20in%20gold%20and%20high-value%20goods%20from%20Pearson%20airport%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22Insp.%20Stephen%20Duivesteyn%20said%20the%20theft%20is%20an%20isolated%20incident%20and%20that%20people%20flying%20in%20and%20out%20of%20the%20airport%20are%20not%20in%20danger%22%2C%22topics%22%3A%5B%22News%22%2C%22gold%20heist%22%2C%22Pearson%22%2C%22Peel%20police%22%2C%22RCMP%22%2C%22smg_gta%22%2C%22smg2_news%22%2C%22InHouseArticle_thestar%22%2C%22dct_ts_gta%22%2C%22dct_ts_policing%22%2C%22dct_ts_crime%22%2C%22Stephen%20Duivesteyn%22%2C%22greater%20Toronto%20airports%20authority%22%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%2248b8e25f-bcfc-4b62-88fc-8dfa7456fc46%22%2C%22w%22%3A%5B%22vf-conversations%22%2C%22vf-conversations-count%22%2C%22vf-tray%22%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.6.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-6-114.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
date
Mon, 24 Apr 2023 07:51:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Allow
POST
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Mon, 24 Apr 2023 07:51:53 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
0
Pragma
no-cache
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Expires
0
Pragma
no-cache
Date
Mon, 24 Apr 2023 07:51:53 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
App.js
playback.oovvuu.media/player/v2/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/player/v2/App.js
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
34b6ba37126323d980521d6674bf8738b230e7cc85df04bf091a0b8e780169a7

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 03:50:19 GMT
content-encoding
br
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
273693
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=0
x-amz-cf-id
qJajqmkJKTt24Zxo7hzTXVaYa6n85R6TsoBg16ZsEtFcGTc6XR7-2A==
base
playback.oovvuu.media/notify/ 		42 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/notify/base?e=page_load&u=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
https://www.thestar.com
cache-control
must-revalidate,no-cache,no-store
content-length
42
x-amz-cf-id
cviiBbwKlvw_yYHbUbh8x72f1qun9kpxAhaWgORfRuCXBv_HKHyXzg==
attention-data
sr.studiostack.com/track/ 		207 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8558f2c5daeffb0e4ddb7606322a769a36bf05e65ce8c647bb5c4a422245f37

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Mon, 24 Apr 2023 07:51:53 GMT
ETag
W/"cf-0OOnpGHpOfgJJKex4HvF5kMC5vc"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
207
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=45je34j0&_p=1853909574&_gaz=1&cid=1385472192.1682322713&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682322713&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&dr=https%3A%2F%2Fapple.news%2F&dt=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Asset_Alias=peel-police-investigating-possible-gold-heist-from-pearson&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=asset&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&up.Torstar_User_ID=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=1385472192.1682322713&gtm=45je34j0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=1385472192.1682322713&gtm=45je34j0&aip=1&z=188513390
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=45je34j0&_p=1853909574&_gaz=1&cid=1385472192.1682322713&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682322713&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&dr=https%3A%2F%2Fapple.news%2F&dt=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Page_Type=asset&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=peel-police-investigating-possible-gold-heist-from-pearson&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&up.Torstar_User_ID=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=1385472192.1682322713&gtm=45je34j0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=1385472192.1682322713&gtm=45je34j0&aip=1&z=1402536502
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1... Frame 2813 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5OemJNg0GvVPRhEnJ05_ssp9HSxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7970c2c0b7cf26c0a458622c5aa2c6544ed37c873777471adbf45ba73772d77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42727
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 16:31:55 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1... Frame 2813 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5OemJNg0GvVPRhEnJ05_ssp9HSxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac20608cc1d025b219fa046260079973e0a3e1087a1ef4f52bdc75169425d202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:29:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7425
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 06:29:56 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1853909574&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&dr=https%3A%2F%2Fapple.news%2F&ul=en-us&de=UTF-8&dt=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1077946975&gjid=1454639701&cid=1385472192.1682322713&tid=UA-70431129-1&_gid=840837939.1682322713&_r=1&_slc=1&gtm=45He34j0n81P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&z=1550514267
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1853909574&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&dr=https%3A%2F%2Fapple.news%2F&ul=en-us&de=UTF-8&dt=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=702076874&gjid=428805126&cid=1385472192.1682322713&tid=UA-73335503-3&_gid=840837939.1682322713&_r=1&_slc=1&gtm=45He34j0n81P86MZHL&z=1133647720
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
images
www.thestar.com/api/liftigniter/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/liftigniter/images
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
557606099fbed4d68ae43d4b37967bf9d38f3db361fff4dc2c17d22b80fd083d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"2471-8VYlsfs2iJKZtb5nIr6XTYIwhEc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
_tZ8fbMX5AwOFHtXSgLExbyFW7QXFcKFVs3JxmVGw-4g9UjzQOmiLg==
auction
elb.the-ozone-project.com/openrtb2/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc202e8e597449bb646e44edef0e21113afa0e0dc2206c3de54a96ae36b91b6d

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bccc37e49440a51-AMS
expires
0
05fd4a4c9b8a5b77237ad3e621a39dcd
z737.thestar.com/plugin/plugin/ 		237 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/plugin/plugin/05fd4a4c9b8a5b77237ad3e621a39dcd
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
d23c9b5fcabffe2bbb0e18f365a6cb8b6546de740e852f2ea2d93d2b950fb264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
age
838451
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
53785
x-xss-protection
1; mode=block
last-modified
Thu, 13 Apr 2023 14:57:42 GMT
server
-
etag
05fd4a4c9b8a5b77237ad3e621a39dcd
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
esCZcV7ffJiGsBYoT5jn9IZIit3CcmP8hmZitCmXsMe46kwVt2VReg==
expires
Sat, 13 Apr 2024 14:57:42 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-70431129-1&cid=1385472192.1682322713&jid=1077946975&gjid=1454639701&_gid=840837939.1682322713&_u=YADAAAAAAAAAAC~&z=2141956050
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 24 Apr 2023 07:51:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74ac90167fd8dc1ef29e518947d19b122bcc26481aa4c09433f1ece6d2d9244b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 05:53:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Apr 2023 07:51:53 GMT
2d5d76c3-7346-4dc8-b549-f438a7dd8341
playback.oovvuu.media/embed/d3d3LnRoZXN0YXIuY29t/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/embed/d3d3LnRoZXN0YXIuY29t/2d5d76c3-7346-4dc8-b549-f438a7dd8341
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
05fde257ab80b3eac2bde1fc720ba59cc6b8ece2e71c675fb72d53231b443109

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:50:49 GMT
content-encoding
br
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
64
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
public, s-maxage=300, max-age=60
x-amz-cf-id
uaN74l6ld304MQPryI-A0Z9jMo6DGfFMC0tjWwPu2OOJdkeZywjfhg==
a8a2736c-30c9-4ccc-af59-1b5ab6792f06
playback.oovvuu.media/embed/d3d3LnRoZXN0YXIuY29t/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/embed/d3d3LnRoZXN0YXIuY29t/a8a2736c-30c9-4ccc-af59-1b5ab6792f06
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
3c7e715e692988844c5d06321464a4fe0d34a132e04914975152c442e5ad87e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:50:49 GMT
content-encoding
br
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
64
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
public, s-maxage=300, max-age=60
x-amz-cf-id
0LcLajDJYZhZRQqpWJkhw1LgzrITRy_JB5see55D-W1BmqriPKQxtw==
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1... Frame 2813 		1 KB
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5OemJNg0GvVPRhEnJ05_ssp9HSxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57539d9045c52b30160e0aaf179346f370f0bdf53bf1810614ade8f51f8feae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
711
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 21:53:27 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1... Frame 2813 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5OemJNg0GvVPRhEnJ05_ssp9HSxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaee853d839d640d5a3e87fc0fabf43e4c8b747b9ccc7460d55bb9f2647ab2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5100
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 16:31:55 GMT
mdc.textfield.min.js
z737.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 01:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
age
2270602
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
11561
x-xss-protection
1; mode=block
last-modified
Tue, 28 Mar 2023 01:08:31 GMT
server
-
etag
6255d33f94b82e67e60ed3d71ba26fe3
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
nIPzbyRgOkRDFqH5DrK_wxOCt5tF1qOiMrOt1Z67FamxbnoBdCmkmA==
expires
Thu, 28 Mar 2024 01:08:31 GMT
user_agent.min.js
z737.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/user_agent.min.js
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 01:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
age
2270602
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
1274
x-xss-protection
1; mode=block
last-modified
Tue, 28 Mar 2023 01:08:31 GMT
server
-
etag
333f52c72fdc4072c6c7950dab8f54f4
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
Fjb21bNxHt6jiTEtPZjX0vd6rP35-eXoGUnySn6T_xlpbISvGBw1Ww==
expires
Thu, 28 Mar 2024 01:08:31 GMT
c90fc4557c6cc834776dc346689b9762
z737.thestar.com/plugin/library/ 		327 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/plugin/library/c90fc4557c6cc834776dc346689b9762
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
41973789d2a0467f6a188d20246909324ae148511232fd53f406393a4fc3add1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 14:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
age
838450
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
103039
x-xss-protection
1; mode=block
last-modified
Thu, 13 Apr 2023 14:57:43 GMT
server
-
etag
c90fc4557c6cc834776dc346689b9762
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
zLagwb6bxgnsEmsILQ55PuKJ70udelUbFwzTOBOCNXUxxlzrwTzptQ==
expires
Sat, 13 Apr 2024 14:57:43 GMT
LB-Zone-2
z737.thestar.com/DG/DEFAULT/rest/rpc/900/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900/LB-Zone-2?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=&bctempid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&overruleReferrer=&time=2023-04-24T07%3A51%3A53%2B00%3A00&ts=1682322713331
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
88d2f5eb271c5b4eed4a89f99a78276ec41752d5256a486f0bc22bf718972dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1208
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
VNp3qFH_pjx1qJ6PM9_MoDzpPJdqrMc6zG7rJuoY9x6tungdPIQSmg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 2813 		158 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=263548618064875717&bl=boq_subscribewithgoogleclientserver_20230419.03_p0&hl=nl&soc-app=673&soc-platform=1&soc-device=1&_reqid=28314&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0a49610fe25703c8c7eca43b7c2386e7e35e4f60fa379100b885ab8824ac5b4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
Embed.js
playback.oovvuu.media/player/v2/ 		134 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/player/v2/Embed.js
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/App.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
d531f1d55518addc069760f406f8b796990a26863b1b7f6af53e2de536807c04

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:36:21 GMT
content-encoding
br
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
368132
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=0
x-amz-cf-id
cxsC5qzmNVWpSkax1ad5S4C1EFDHFEgghbyoqge0c1huCMQbZNv_ww==
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1... Frame 2813 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5OemJNg0GvVPRhEnJ05_ssp9HSxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b77efcf68621e95a5382b8d5c47029fd62372d3b64e4d93391962fd75548847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36779
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 21:53:28 GMT
watson
api.permutive.com/v2.0/ 		371 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c0cf676c86411d53783451c6d11cd8cb4baf3ba19940e588964794ee76d0e5a0

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
config
push.kumulos.com/v1/web/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/web/config
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
81213e09ec09abe060a47d101767ef8f2d2cce6f1212b237541cba0445bf730c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubdomains;
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-max-age
36000
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
config
push.kumulos.com/v1/web/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/web/config
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
GET,HEAD
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:53 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
events
events.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/events
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
strict-transport-security
max-age=15552000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
access-control-max-age
36000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
events
events.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/events
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
strict-transport-security
max-age=15552000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
access-control-max-age
36000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
events
events.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
POST
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:53 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
events
events.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
POST
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:53 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
PoweredByLink.js
playback.oovvuu.media/player/v2/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/player/v2/PoweredByLink.js
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
89da3cdde3e1342c4be9c33c4a8b21ad7efa987154b62490ebf00dc9dddf78b2

Request headers

Referer
https://playback.oovvuu.media/player/v2/Embed.js
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 03:50:20 GMT
content-encoding
br
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
273692
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=0
x-amz-cf-id
ADt8nWcpuK0_KeyYZY4BH7DHfcN_UU5OqYaAzTgliWB558xA4Y0D7w==
segment
api.permutive.com/adv/v2/ 		30 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf
55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:42:39 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11738
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
56380
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"dc3c-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
m6dTvZ0_g_vfQTlpJ7szFJxcUN8ku8wo_TLnIWfQ5qtk1HrCtzpQPQ==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf
content-length
0
x-amz-cf-id
aR129OYRwZgOkomzfMOLrYbep-PYi5ub1yAR4lgMx9H6Go_OywDXQg==
MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf
54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 06:28:27 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
5006
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
55032
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"d6f8-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
eezEUryoyWi9QfUlhT0UOIHWIC4j4f5EMKPDEhmyjzUKznEWuJbXeA==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf
content-length
0
x-amz-cf-id
8K23O0LWbiCjvY_duK0g2BviyE8ZxuFxgIeaptBsxwEjKRb79E0YPw==
MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf
53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:06:28 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
9925
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54304
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"d420-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
G-XBGstdxkDkMFZUi8VdOe2WTr3M7cO5iXN5VUqQ8BzBMRGFahMmlA==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf
content-length
0
x-amz-cf-id
6VcQUVdmKRiS9StRjfWmbsJyzUVpJ0pRX6bl3VcufUGFzy0NBp1wyQ==
TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/
Redirect Chain
  • https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
  • https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf
18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:59:31 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
6742
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18736
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"4930-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
2e1jtKc801rgdtREnLJrL02ArGEuZdmz2eHyZ5lymMYMzEjwS86nLA==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf
content-length
0
x-amz-cf-id
v_bsI_OBC3SkuVTw4czP1Zx6AdvEWgjx98g32dKYv4oFNhLeMilOjQ==
material-icons-outlined-all-400-normal.woff2
www.thestar.com/static/assets/
Redirect Chain
  • https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?v=e4106b07
  • https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?rf&v=e4106b07
126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?rf&v=e4106b07
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
afa2d43bc5235e019048bf8eeb242859a5beff1fa165621f8deaa6385b799951
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 03:17:15 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
16478
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
128844
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"1f74c-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
rOWS2k8x9xI7mp4B-dG7f6LLgs_x8b2geedMsx8BH2Ui5_twONlqpw==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?rf&v=e4106b07
content-length
0
x-amz-cf-id
KRDfatIzNJzN99MvsFy-PAx20M7P9kMBqi7hnYR7JWz3-2A96ppjtw==
material-icons-base-400-normal.woff2
www.thestar.com/static/assets/
Redirect Chain
  • https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2
  • https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?rf&v=fe7e45c2
101 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?rf&v=fe7e45c2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:33:16 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11917
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
103852
last-modified
Mon, 10 Apr 2023 13:19:45 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"195ac-1876b528d68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
gNZ2Abvq5X5_eAHZF1fw36oxH00TyAJnk2BNmBNLMBtzq1zD_acbcA==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?rf&v=fe7e45c2
content-length
0
x-amz-cf-id
xbWt_RzTJblJWw--R8-nDBbjSAkRGnIsbm9yWZJqc7tWhvZlWGSeQw==
TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/
Redirect Chain
  • https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf
  • https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf?rf
24 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:45:44 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
369
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"6028-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-id
LHgW95QDoTm6nP9QYn7dWNCDlnwDLedasLndN20PUOW3NJJ3JGzctw==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf?rf
content-length
0
x-amz-cf-id
cmV_kGC9l5nVebIueAwejJXz_rWEHx0RT3f6dKbq62gETJAnLQeAQg==
TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/
Redirect Chain
  • https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2
  • https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2?rf
18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:40:14 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11499
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18276
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"4764-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
crMeA0CaWmxcvYq3F7X_pQJVtWWNrgka_YCMr_eOhPigHUTEN0cQsw==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2?rf
content-length
0
x-amz-cf-id
iRa2eIkNYs9bqRw9hXClUKSf-9bTQZv3fX1Q6oDcf0iZR-qunjcvRw==
MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2?rf
52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 05:32:00 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
8393
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
53664
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"d1a0-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
nTfkeBNOTpb4dJpHQKnAG9uQgV4blgIjez822taEuIYox07dEBNNwA==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2?rf
content-length
0
x-amz-cf-id
KZ3wljx8InddzTvg_XO3uaIfZkscYD9QdcdPeon-s0lo-OnRil8Dww==
MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2
  • https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2?rf
54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:06:52 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
13500
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54800
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"d610-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
Iip6QITh41vne1wG7ax1AB0d5YCa2rqqfNaJacuAYKudQ9caFm7-pQ==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2?rf
content-length
0
x-amz-cf-id
5asmqz4SrRJx93Yhr8wngcytB11ytaj9YbIKb58qSZ0KTpgA4F1xcg==
TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/
Redirect Chain
  • https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2
  • https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2?rf
19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
Protocol
H2
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=2997d7c32f9d1db621d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:11:21 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
13232
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
19052
last-modified
Mon, 10 Apr 2023 13:13:32 GMT
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
etag
W/"4a6c-1876b4cdc60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
accept-ranges
bytes
x-amz-cf-id
tC-GGebsbKI5bg5q8ovz-N48xwTSYnkj-WwqNbllcds-d_TRxvFRVQ==

Redirect headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2?rf
content-length
0
x-amz-cf-id
SE49n8p7IxNilK7VCbc1sMCt7P-QvUnzJvNPWUUSbijUODp4TtZlXg==
B24540798.279406836;sz=1x2;ord=436380227806
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=436380227806?
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
d3ea5fb736ebfad6afd3dffd9bd814d6c339b0e1c6214299eeea754b9c04d6ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13600
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33bf786b822ca284f7f83360b1dcd310781ee39482e3134503e0424ec94987a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41032
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 07:51:53 GMT
images
www.thestar.com/api/liftigniter/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/liftigniter/images
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
cceaafb7322383a542c0498b2204814a1bbc330cd3d905a1128d115053aa51c3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"21fb-D7WkiD+zS1YmD3PiHyZBuOX3pMI"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
cxrzeWA9_hcKNTv21SVoufAE_90qtGG0thMb6by9Ys5aPRWAS8pWyw==
index.min.js
players.brightcove.net/6146357338001/GJXdK30c6L_default/ 		910 KB
243 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/Embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.10 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-10.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
929e98ac32cb3b0bf033c619c2baa6b5b60e0c97bb02712b5aad315ed827a994

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
wq2mgG45pWjeoQSntf2LnbuVudVndc8P
Content-Encoding
gzip
Date
Mon, 24 Apr 2023 07:51:53 GMT
x-amz-request-id
DJQHVTNA4JM5ATH2
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
247952
x-amz-id-2
kd634Uu4DqWrDXU45B9tqIlsKoZoUJw/kA+f2k/pRl22L4gHf4kx7Noq3vAdQor9aRS9xHFPPI5O69iuMibijGwpuRTxkCV6usHsatG9pwA=
X-BCOV-Response-Mode
1
X-Served-By
cache-hhn-etou8220021-HHN
Last-Modified
Wed, 29 Mar 2023 17:21:44 GMT
Server
AmazonS3
X-Timer
S1680114283.615108,VS0,VE2
ETag
"e127e1a0cadf5a088e69aff5f4f0de63"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=89
Accept-Ranges
bytes
X-Cache-Hits
1
a8a2736c-30c9-4ccc-af59-1b5ab6792f06
playback.oovvuu.media/notify/ 		42 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/notify/a8a2736c-30c9-4ccc-af59-1b5ab6792f06?e=embed_load&u=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
https://www.thestar.com
cache-control
must-revalidate,no-cache,no-store
content-length
42
x-amz-cf-id
buG8G-mL29n-D7Bgk7v6LqkHbWkbBwideOnBuL6-AdTzrfq6pXgK9g==
ad1b67d6-e828-4c08-b851-e87b38574772.png
oovvuu-logos-prod.imgix.net/48/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oovvuu-logos-prod.imgix.net/48/ad1b67d6-e828-4c08-b851-e87b38574772.png?ixlib=js-2.3.2&h=100&w=100&fit=crop&crop=entropy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
91d061e2c041731885965af44e53c437f51356c5ab62343209b12d8ddf53fdac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
x-content-type-options
nosniff
age
1109079
x-cache
HIT, HIT
x-imgix-id
e021f8b4ab0cac1ee96710d365dcce587fac4aaa
cross-origin-resource-policy
cross-origin
content-length
5161
x-served-by
cache-sjc10077-SJC, cache-fra-eddf8230023-FRA
x-imgix-render-farm
02.8744
last-modified
Tue, 11 Apr 2023 11:47:14 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
2d5d76c3-7346-4dc8-b549-f438a7dd8341
playback.oovvuu.media/notify/ 		42 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/notify/2d5d76c3-7346-4dc8-b549-f438a7dd8341?e=embed_load&u=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
https://www.thestar.com
cache-control
must-revalidate,no-cache,no-store
content-length
42
x-amz-cf-id
3aKSTbsiwsCI-SrW8sWGFAtjSGJRshJvHJO6ROYN9cPq8-5NuKcSuw==
__inventory.gif
query.petametrics.com/v1/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v1/__inventory.gif?ts=1682322713495&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&item=%7B%22content_tier%22%3A%5B%22metered%22%5D%2C%22publisher%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftorontostar%22%5D%2C%22published_time%22%3A%5B%222023-04-20T22%3A30%3A00Z%22%5D%2C%22modified_time%22%3A%5B%222023-04-21T11%3A48%3A40.825Z%22%5D%2C%22section%22%3A%5B%22News%22%5D%2C%22tag%22%3A%5B%22News%22%5D%2C%22title%22%3A%5B%22Peel%20police%20investigating%20heist%20of%20over%20%2420%20million%20in%20gold%20and%20high-value%20goods%20from%20Pearson%20airport%22%5D%2C%22type%22%3A%5B%22article%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html%22%5D%2C%22description%22%3A%5B%22Insp.%20Stephen%20Duivesteyn%20said%20the%20theft%20is%20an%20isolated%20incident%20and%20that%20people%20flying%20in%20and%20out%20of%20the%20airport%20are%20not%20in%20danger%20%22%5D%2C%22site_name%22%3A%5B%22thestar.com%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fimages.thestar.com%2FcK58mb5v7IpO3w_5jbw8lMzdFB8%3D%2F1280x1024%2Fsmart%2Ffilters%3Acb(1682110884961)%2Fhttps%3A%2F%2Fwww.thestar.com%2Fcontent%2Fdam%2Fthestar%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson%2Fpeel_insp_duivesteyn.jpg%22%5D%2C%22truncatedDescription%22%3A%5B%22Insp.%20Stephen%20Duivesteyn%20said%20the%20theft%20is%20an%20isolated%20incident%20and%20that%20people%20flying%20in%20and%20out%20of%20the%20airport%20are%20not%20in%20danger%20%22%5D%2C%22subsection%22%3A%5B%22GTA%22%5D%2C%22hasImage%22%3A%5B%22true%22%5D%2C%22asset_id%22%3A%5B%22fc52fb47-5b4a-4778-8145-407b0619f8d7%22%5D%2C%22thumbor_image%22%3A%5B%22%7B%5C%22imageid%5C%22%3A%5C%22GTP1PM1DV.3%5C%22%2C%5C%22origImageSize%5C%22%3A%5C%221200x815%5C%22%2C%5C%22cropthumb%5C%22%3A%5C%220%2C0%2C1200%2C800%5C%22%2C%5C%22lastmodified%5C%22%3A1682110884961%2C%5C%22fullWindowMainart%5C%22%3Afalse%2C%5C%22forceoriginal%5C%22%3Afalse%2C%5C%22caption%5C%22%3A%5C%22Peel%20Regional%20Police%20Insp.%20Stephen%20Duivesteyn%20talks%20about%20the%20investigation%20into%20the%20theft%20on%20Monday%20of%20over%20%2420%20million%20worth%20of%20gold%20and%20other%20high%20value%20goods%20from%20Toronto%5C%5Cu2019s%20Pearson%20Airport.%5C%22%2C%5C%22source%5C%22%3A%5C%22Toronto%20Star%5C%22%2C%5C%22type%5C%22%3A%5C%22image%5C%22%2C%5C%22credit%5C%22%3A%5C%22Rick%20Madonik%5C%22%2C%5C%22mainartSize%5C%22%3A%5C%22medium%5C%22%2C%5C%22url%5C%22%3A%5C%22%2Fcontent%2Fdam%2Fthestar%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson%2Fpeel_insp_duivesteyn.jpg%5C%22%7D%22%5D%2C%22province%22%3A%5B%22ontario%22%5D%2C%22last_modified%22%3A%5B%222023-04-21T11%3A48%3A38.013Z%22%5D%2C%22inHouseArticle%22%3A%5B%22true%22%5D%2C%22enableLivechat%22%3A%5B%22false%22%5D%2C%22images%22%3A%5B%22https%3A%2F%2Fwww.thestar.com%2Fassets%2Fimg%2Fthestar-ribbon.png%22%5D%2C%22noShow%22%3A%5B%22false%22%5D%2C%22enableConversations%22%3A%5B%22true%22%5D%2C%22DCT_TAGS%22%3A%5B%22dct_ts_gta%22%2C%22dct_ts_policing%22%2C%22dct_ts_crime%22%5D%2C%22abstract%22%3A%5B%22Insp.%20Stephen%20Duivesteyn%20said%20the%20theft%20is%20an%20isolated%20incident%20and%20that%20people%20flying%20in%20and%20out%20of%20the%20airport%20are%20not%20in%20danger%20%22%5D%2C%22smg_tag%22%3A%5B%22gta%22%5D%2C%22enableLivechatadmin%22%3A%5B%22false%22%5D%2C%22author_names%22%3A%5B%22Mahdis%20Habibinia%22%2C%22Jim%20Rankin%22%5D%2C%22authors%22%3A%5B%22%5B%7B%5C%22author%5C%22%3A%5C%22Mahdis%20Habibinia%5C%22%7D%2C%7B%5C%22author%5C%22%3A%5C%22Jim%20Rankin%5C%22%2C%5C%22photo%5C%22%3A%7B%5C%22origImageSize%5C%22%3A%5C%224971x3314%5C%22%2C%5C%22lastmodified%5C%22%3A2700061000%2C%5C%22url%5C%22%3A%5C%22%2Fcontent%2Fdam%2Fthestar%2Fcolumnist_logos%2FRankin_Jim_logo2015.JPG%5C%22%7D%7D%5D%22%5D%2C%22smg2_tag%22%3A%5B%22news%22%5D%7D&ttl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:53 GMT
expires
Mon, 24 Apr 2023 07:51:53 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 2813 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 07:51:53 GMT
log
play.google.com/ Frame 2813 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 07:51:53 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:53 GMT
expires
Mon, 24 Apr 2023 07:51:53 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:53 GMT
expires
Mon, 24 Apr 2023 07:51:53 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 2813 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 07:51:53 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:53 GMT
expires
Mon, 24 Apr 2023 07:51:53 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 2813 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.nl.ANk-TaM-bcg.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6x5bB7ANIfuYK5kUx3xggA6vtEtw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 07:51:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=436380227806?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 17:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
53338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 May 2023 17:02:55 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFzbKpOsJyhNLRpzicWwZGNNy_uUjk25HnWvXAHMfaJtuB0V4rBWIrWB2zRbKJ3QzlU5AOkEv4PkEx_E728gNn4ngKYUfmtwSSxKVkdzFsPQ8xt8JvG6BdfbCfgjGrqP2QOZlmW02Of6_Y&sai=AMfl-YT_EC2-Pess2YB2HtAyYI_USXa-zakgbRyJePRiXNK8kPDvJkunhpFahM9j7cqFcttu0tgwYGyWQPtOdac&sig=Cg0ArKJSzBHJKkkIhfg-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cisv=r20230418.53178&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=436380227806?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 24 Apr 2023 07:51:53 GMT
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		181 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A53%2B00%3A00&ts=1682322713680
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
4af13c232e471d27b11fe6f727165fd624845123e3cd65bb28164ddb6087493c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
-myww7MoFpFCNA_7uXoLj937Un6xaTLkmlCIqrUI0kRyUtv7mRHllw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A53%2B00%3A00&ts=1682322713692
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
c2ad8c43d3d69e34215d0cc3307f297227c4321bd0a18ab2ae125b4b63a98ed7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2780
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
WWh3FAUT9lpQGlGeAAxSCEaSZcfXE5NogbzzM2lixz6MhuhIfyrj4A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
stats
z737.thestar.com/rest/recommendations/ 		14 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/rest/recommendations/stats?storeId=3a82e4aa-496b-4fad-b45e-aa27cb2383a4&action=view&itemId=fc52fb47-5b4a-4778-8145-407b0619f8d7&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&profileId=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&isEntrypage=true&hash=93374c4ab41190f7405dc8733768223c&lastmodified=1682077720000&referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&&callback=bc_json902
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
0a2b2ceaa373454c394edc9c0286e07f646ea25bdcde919c9e429d8090f14081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
34
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
x-amz-cf-id
YW_ggzc--xj6p2nDi6zfYNaCCox4Pz7pm1I-KMtezO2oQkBCqOoriQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/plugin/plugin/05fd4a4c9b8a5b77237ad3e621a39dcd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 24 Apr 2023 07:51:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
QbMV7ubuQq4fWQ93cY5FQFTO8UbOrU3Y3Zv6ahudHPS3WBuBfwUXsRQEX05iDdgx6YYp8wBYyFsfxsBMvP8ykA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		553 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A53%2B00%3A00&ts=1682322713715
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
2ab85c23e889b6b4a5d830f397943064310523ec181319d32a92aca9d9b44e31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
178
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
pQH5gFTPoBm_wrRybUSQiPrhLjp_U_vOQMT3Y9XE9xbqEdzgUYXL1g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/__activity.gif?e=conversion_shown&ct=Peel+police+investigating+heist+of+over+%2420+million+in+gold+and+high-value+goods+from+Pearson+airport&ccu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&tspl=2637&blst=513&ist=1647&iet=1657&bdst=513&bdet=853&bcttt=61&jsfv=nbc&ts=1682322713684&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&uid=5903ee75-6dcc-470b-b218-830068e0ee85&sid=58af7795-b517-40af-8b50-53a5d9467524&pvid=5e5a36fb-d243-4a7c-be56-515ce0d2d61c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F112.0.5615.121+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.2&saveData=false&ctyp=unknown&ref=https%3A%2F%2Fapple.news%2F&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q123_Control&sdk=bc-pixel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/__activity.gif?e=conversion_shown&ct=Peel+police+investigating+heist+of+over+%2420+million+in+gold+and+high-value+goods+from+Pearson+airport&ccu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&tspl=2642&blst=513&ist=1647&iet=1657&bdst=513&bdet=853&bcttt=62&jsfv=nbc&ts=1682322713689&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&uid=5903ee75-6dcc-470b-b218-830068e0ee85&sid=58af7795-b517-40af-8b50-53a5d9467524&pvid=5e5a36fb-d243-4a7c-be56-515ce0d2d61c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F112.0.5615.121+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.2&saveData=false&ctyp=unknown&ref=https%3A%2F%2Fapple.news%2F&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q123_Control&sdk=bc-pixel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:51:53 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A53%2B00%3A00&ts=1682322713717
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
7c021c5bb27b2d5cb11c9196c92051424b5058518863c9c8b3647907429f54f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
166
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
7B2Ghl3ZKasQHnGp5iEUOWb-agUvFpgIR3yAl9CD1X1kzHJstBhJzA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
torstar.blueconic.net/DG/DEFAULT/ 		66 B
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&&callback=bc_json903
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.148.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-148-95.compute-1.amazonaws.com
Software
- /
Resource Hash
c784c024de92462b33096f11af31375a2df3976fcf7d5ac3e408ef3a54a8fb37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
images
www.thestar.com/api/liftigniter/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/liftigniter/images
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
8ebba7e7cedfbf65dadcc6e887797c44a03f27b87f29e1f026b1703e65673ccc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"1404-DUB8lNoFYSDuwnRvDQ+FTSDY3h8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Miss from cloudfront
cache-control
max-age=180
x-amz-cf-id
-gBirj7DlIwJ9pM4jFxOn7_DjM9XwbA9PtJZyzut07GHGupZnLDktw==
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A53%2B00%3A00&ts=1682322713733
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
4257b59e52b85ce40219fcb866545efe95e90dea3a5ae35db370634d61cc12eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
JzyWdd5Rya3kHiUY6cwB5TKMpYeSmUipaDzjcu445QTK-ihjgkGSDg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p1.parsely.com/plogger/?rand=1682322713751&plid=33554279&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&urlref=https%3A%2F%2Fapple.news%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2275218257341515758790122286036848578529%22%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&sref=https%3A%2F%2Fapple.news%2F&sts=1682322712955&slts=0&date=Mon+Apr+24+2023+07%3A51%3A53+GMT%2B0000+(GMT)&action=heartbeat&inc=1&tt=779&u=pid%3D31784d19269faee54f1bd32a52f21dbd
Requested by
Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/thestar.com/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 07:51:53 GMT
Cache-Control
no-cache
Last-Modified
Monday, 24-Apr-2023 07:51:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ruleenginedata
www.thestar.com/api/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/ruleenginedata
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:53 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"2c58-On6xrYp0/du6eGARnnYHeUEyBMw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
x-amz-cf-id
9F86As60VmB4EFHJ_02SJXBwwnLAtNHB9ItPsODoFr7FRTnNblvuOg==
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1682322713757&plid=33554279&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&urlref=https%3A%2F%2Fapple.news%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2275218257341515758790122286036848578529%22%2C%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22heartbeat%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A8542%2C%22_trustBar%22%3A5000%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&sref=https%3A%2F%2Fapple.news%2F&sts=1682322712955&slts=0&title=Peel+police+investigating+heist+of+gold%2C+high-value+goods+from+Pearson+%7C+The+Star&date=Mon+Apr+24+2023+07%3A51%3A53+GMT%2B0000+(GMT)&action=_scroll&u=pid%3D31784d19269faee54f1bd32a52f21dbd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 07:51:53 GMT
Cache-Control
no-cache
Last-Modified
Monday, 24-Apr-2023 07:51:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1682322713760&plid=33554279&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&urlref=https%3A%2F%2Fapple.news%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2275218257341515758790122286036848578529%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A8542%2C%22_trustBar%22%3A5000%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&sref=https%3A%2F%2Fapple.news%2F&sts=1682322712955&slts=0&title=Peel+police+investigating+heist+of+gold%2C+high-value+goods+from+Pearson+%7C+The+Star&date=Mon+Apr+24+2023+07%3A51%3A53+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=11423171&u=pid%3D31784d19269faee54f1bd32a52f21dbd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 07:51:53 GMT
Cache-Control
no-cache
Last-Modified
Monday, 24-Apr-2023 07:51:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
6325467388112
edge.api.brightcove.com/playback/v1/accounts/6146357338001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/6146357338001/videos/6325467388112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accept
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods
HEAD,GET,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Mon, 24 Apr 2023 07:51:54 GMT
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ewr18131-EWR
x-timer
S1682322714.117625,VS0,VE0
6325473812112
edge.api.brightcove.com/playback/v1/accounts/6146357338001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/6146357338001/videos/6325473812112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accept
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods
HEAD,GET,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Mon, 24 Apr 2023 07:51:54 GMT
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ewr18131-EWR
x-timer
S1682322714.117804,VS0,VE0
vtt.global.min.js
vjs.zencdn.net/vttjs/0.15.3/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.15.3/vtt.global.min.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-bom4747-BOM
date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 18:56:37 GMT
etag
"9ab357d51e365493dab6cf243489069b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7354
x-cache-hits
94182
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
expires
Mon, 24 Apr 2023 07:51:54 GMT
6325467388112
edge.api.brightcove.com/playback/v1/accounts/6146357338001/videos/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/6146357338001/videos/6325467388112
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df3ca84182bb66d2d913421e1c5142c9a4e180bf57c6102446d871f2e188c844

Request headers

Accept
application/json;pk=BCpkADawqM02UpPUkzc8xH5Bd3-cUq0R9yd9J44SrfoXNajUlAnL6l--3PUnKFaoBa2cWhTYVjtnL20g-dK2t5i2TPJSnXqImIvT_aNrKa4oZN4_ZI3PVVR4S1A-hxd2XgABF1ZBQI-7bQvzHnInuey3CFEvla5Awnx-tf5_iq_IS9XXNLt1w00d3PLm8cnKcX4Qmi2yRSQZimMQyGUhbXywrF6YTC5WaBPG5jqpO-_Ht4LrOZoVlKLkPRhqGh1Pq0Bmn4ucWl1J_hHRVIPBY9Pwd1b7IuenAaGcCg
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

bc-override-client-ip
31.204.152.196
date
Mon, 24 Apr 2023 07:51:54 GMT
powered-from
us-east-1b
bcov-request-id
25d3dc8c-5a0e-4d29-967c-c44a9faa9fd6
via
1.1 varnish
age
745
policy-key-accountid
6146357338001
policy-key-domains
http://www.thestar.com,https://www.thestar.com,http://playback.oovvuu.media,https://playback.oovvuu.media
x-cache
HIT
powered-by
BC
content-length
4204
x-served-by
cache-ewr18131-EWR
policy-key-raw
BCpkADawqM02UpPUkzc8xH5Bd3-cUq0R9yd9J44SrfoXNajUlAnL6l--3PUnKFaoBa2cWhTYVjtnL20g-dK2t5i2TPJSnXqImIvT_aNrKa4oZN4_ZI3PVVR4S1A-hxd2XgABF1ZBQI-7bQvzHnInuey3CFEvla5Awnx-tf5_iq_IS9XXNLt1w00d3PLm8cnKcX4Qmi2yRSQZimMQyGUhbXywrF6YTC5WaBPG5jqpO-_Ht4LrOZoVlKLkPRhqGh1Pq0Bmn4ucWl1J_hHRVIPBY9Pwd1b7IuenAaGcCg
x-timer
S1682322714.214404,VS0,VE1
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control
max-age=0, no-cache, no-store
account-status
APPROVED
accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits
1
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.thestar.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
6325473812112
edge.api.brightcove.com/playback/v1/accounts/6146357338001/videos/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/6146357338001/videos/6325473812112
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
413992138f5373560b05464b1b6ef7590d0b4155fba61cb4defb40f5b1b02fea

Request headers

Accept
application/json;pk=BCpkADawqM02UpPUkzc8xH5Bd3-cUq0R9yd9J44SrfoXNajUlAnL6l--3PUnKFaoBa2cWhTYVjtnL20g-dK2t5i2TPJSnXqImIvT_aNrKa4oZN4_ZI3PVVR4S1A-hxd2XgABF1ZBQI-7bQvzHnInuey3CFEvla5Awnx-tf5_iq_IS9XXNLt1w00d3PLm8cnKcX4Qmi2yRSQZimMQyGUhbXywrF6YTC5WaBPG5jqpO-_Ht4LrOZoVlKLkPRhqGh1Pq0Bmn4ucWl1J_hHRVIPBY9Pwd1b7IuenAaGcCg
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

bc-override-client-ip
31.204.152.196
date
Mon, 24 Apr 2023 07:51:54 GMT
powered-from
us-east-1c
bcov-request-id
df18acd3-fb00-4371-bc9c-7a092ec22f71
via
1.1 varnish
age
745
policy-key-accountid
6146357338001
policy-key-domains
http://www.thestar.com,https://www.thestar.com,http://playback.oovvuu.media,https://playback.oovvuu.media
x-cache
HIT
powered-by
BC
content-length
4257
x-served-by
cache-ewr18131-EWR
policy-key-raw
BCpkADawqM02UpPUkzc8xH5Bd3-cUq0R9yd9J44SrfoXNajUlAnL6l--3PUnKFaoBa2cWhTYVjtnL20g-dK2t5i2TPJSnXqImIvT_aNrKa4oZN4_ZI3PVVR4S1A-hxd2XgABF1ZBQI-7bQvzHnInuey3CFEvla5Awnx-tf5_iq_IS9XXNLt1w00d3PLm8cnKcX4Qmi2yRSQZimMQyGUhbXywrF6YTC5WaBPG5jqpO-_Ht4LrOZoVlKLkPRhqGh1Pq0Bmn4ucWl1J_hHRVIPBY9Pwd1b7IuenAaGcCg
x-timer
S1682322714.214379,VS0,VE12
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control
max-age=0, no-cache, no-store
account-status
APPROVED
accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits
1
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=adc787f774804abe7174734&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&event=player_init&time=1682322713849&autoplay=false&seq=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=adc787f774804abe7174734&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6146357338001%2Fvideos%2F6325467388112&time=1682322713851&autoplay=false&seq=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=f5209ccaa33d2561e67db55f&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&event=player_init&time=1682322713876&autoplay=false&seq=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/ 		35 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=f5209ccaa33d2561e67db55f&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6146357338001%2Fvideos%2F6325473812112&time=1682322713876&autoplay=false&seq=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
75218257341515758790122286036848578529
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.thestar.com/users/data/anonymous/sitename/thestar/id/75218257341515758790122286036848578529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.141.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-141-78.mct50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 24 Apr 2023 07:51:55 GMT
via
1.1 26031c09f93c38d6692be2136bd85f06.cloudfront.net (CloudFront)
x-amz-apigw-id
D308RH90IAMF2Jg=
x-amz-cf-id
pk4PXLw5VFdh4v-T9rEIbv3-AisdySlwXRkIsm-LIY9lQV1-ymlRVQ==
x-amz-cf-pop
MCT50-P1
x-amzn-requestid
4b1ebb8a-5cf9-475a-9ed2-45a131c9aed8
x-cache
Miss from cloudfront
75218257341515758790122286036848578529
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 		51 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.thestar.com/users/data/anonymous/sitename/thestar/id/75218257341515758790122286036848578529
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.141.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-141-78.mct50.r.cloudfront.net
Software
/
Resource Hash
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
x-api-key
b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date
Mon, 24 Apr 2023 07:51:55 GMT
via
1.1 26031c09f93c38d6692be2136bd85f06.cloudfront.net (CloudFront)
x-amz-cf-pop
MCT50-P1
x-amzn-trace-id
Root=1-6446351b-5102cdba2739a03b77ecd0c6;Sampled=0;lineage=ec555b06:0
x-amzn-requestid
e490d645-d4e7-4930-8f8d-6f7cab5de1eb
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
D308YFFboAMF7kQ=
content-length
51
x-amz-cf-id
cR_-p5z3T-DWCj9EVFIdRaDM9hYVmezr_MRpLXgRqQIjejsMsX6YHQ==
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		434 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A53%2B00%3A00&ts=1682322713938
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
7f68b12a3b706772a33cdd69dde7bf711f26a817b1433c5f424fed39cf4c4ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
260
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
MWblN_ksytgn8NiZFrNr7bBKwaETeOl6bU4Zlce5DjUZtcyF4J7xkA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=adc787f774804abe7174734&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&autoplay=false&ads_enabled=true&usage=inpage-embed&event=player_load&time=1682322713943&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=42100000&qos.performance.memory.totalJSHeapSize=53500000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1682322713409&qos.performance.timing.loadEventStart=1682322713408&qos.performance.timing.domComplete=1682322713408&qos.performance.timing.domContentLoadedEventEnd=1682322711608&qos.performance.timing.domContentLoadedEventStart=1682322711608&qos.performance.timing.domInteractive=1682322711608&qos.performance.timing.domLoading=1682322711202&qos.performance.timing.responseEnd=1682322711226&qos.performance.timing.responseStart=1682322711199&qos.performance.timing.requestStart=1682322711147&qos.performance.timing.secureConnectionStart=1682322711113&qos.performance.timing.connectEnd=1682322711147&qos.performance.timing.connectStart=1682322711082&qos.performance.timing.domainLookupEnd=1682322711082&qos.performance.timing.domainLookupStart=1682322711048&qos.performance.timing.fetchStart=1682322711047&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1682322711046&qos.player.dimensions=%5B%5B1682322713943%2C%220x0%22%2C%22724x407.25%22%5D%5D&qos.player.pixelratio=%5B%5B1682322713943%2C1%5D%5D&qos.player.screendimensions=%5B%5B1682322713943%2C%221600x1200%22%5D%5D&seq=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=f5209ccaa33d2561e67db55f&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&autoplay=false&ads_enabled=true&usage=inpage-embed&event=player_load&time=1682322713950&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=42100000&qos.performance.memory.totalJSHeapSize=53500000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1682322713409&qos.performance.timing.loadEventStart=1682322713408&qos.performance.timing.domComplete=1682322713408&qos.performance.timing.domContentLoadedEventEnd=1682322711608&qos.performance.timing.domContentLoadedEventStart=1682322711608&qos.performance.timing.domInteractive=1682322711608&qos.performance.timing.domLoading=1682322711202&qos.performance.timing.responseEnd=1682322711226&qos.performance.timing.responseStart=1682322711199&qos.performance.timing.requestStart=1682322711147&qos.performance.timing.secureConnectionStart=1682322711113&qos.performance.timing.connectEnd=1682322711147&qos.performance.timing.connectStart=1682322711082&qos.performance.timing.domainLookupEnd=1682322711082&qos.performance.timing.domainLookupStart=1682322711048&qos.performance.timing.fetchStart=1682322711047&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1682322711046&qos.performance.bcInit=95.30000019073486&qos.player.dimensions=%5B%5B1682322713950%2C%220x0%22%2C%22724x407.25%22%5D%5D&qos.player.pixelratio=%5B%5B1682322713950%2C1%5D%5D&qos.player.screendimensions=%5B%5B1682322713950%2C%221600x1200%22%5D%5D&seq=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
pierre_poilievre_2_.jpg
images.thestar.com/fcpcpgxu4NTgMJpf0gSEH9DQZPM=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/04/23/pierre-poilievre-is-in-trouble-i... 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/fcpcpgxu4NTgMJpf0gSEH9DQZPM=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/04/23/pierre-poilievre-is-in-trouble-in-quebec-and-he-has-himself-to-blame/pierre_poilievre_2_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a68d2cb711cd9f6098a066f1a89a3d877baf0b54740b05a055ba335ac15eaaa7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 13:10:41 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
67273
etag
"30bda249104360121e1b49db7e70ad6aa901c6be"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
2396
x-amz-cf-id
dxiRWFkrx5qoXyXX4p9f6DEKebGuXNy5v1rzzaja9Ev_8Sq82ot-Kg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_1jaskirat_singh_sidhu.jpg
images.thestar.com/wqhGTwLF6ryzgxJOkZgMCiO2T4Q=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/23/some-have-forgiven-him-some-cant-t... 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/wqhGTwLF6ryzgxJOkZgMCiO2T4Q=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/23/some-have-forgiven-him-some-cant-truck-driver-who-killed-16-in-humboldt-broncos-crash-says-as-long-as-im-alive-im-going-to-think-about-them/_1jaskirat_singh_sidhu.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
35df32aa48d267dde59126c89348fa78fce805d9beb25a3ac5d6d87f7e94878e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 21:49:52 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
36122
etag
"0c33881cd8189fad727f65b493747de707890038"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
2054
x-amz-cf-id
OF9_0wO78w-VCvDJsPTAosGN1HJxnNOMWL07PBTEtIcH2N28nC0msg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
549886031832745
connect.facebook.net/signals/config/ 		514 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/549886031832745?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae3093eed300f9ed677c8ae4b5b98a82975d21959f55913c2b5e166ee21af2fd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 24 Apr 2023 07:51:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
152259
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
DNu/OSZmkVu8yt/1MFOrbFFkfEMLflkrVsx0k9Sf8ZDo6+FY07ZOWZRW9lwsGEr/u/xC0Nt3jrN9sskC/I/Hmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/5903ee75-6dcc-470b-b218-830068e0ee85/__activity.gif?e=widget_shown&ct=Peel+police+investigating+heist+of+over+%2420+million+in+gold+and+high-value+goods+from+Pearson+airport&ccu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&tspl=2959&blst=513&ist=1647&iet=1657&bdst=513&bdet=853&bcttt=63&jsfv=nbc&ts=1682322714006&jsk=q9fqmmutk5a97trs&jsv=20230329&cu=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&uid=5903ee75-6dcc-470b-b218-830068e0ee85&sid=58af7795-b517-40af-8b50-53a5d9467524&pvid=5e5a36fb-d243-4a7c-be56-515ce0d2d61c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F112.0.5615.121+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.2&saveData=false&ctyp=unknown&ref=https%3A%2F%2Fapple.news%2F&tzo=0&w=star_web_ymbii&source=LI&pl=null&tr=null&st=2958&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F04%2F23%2Fpierre-poilievre-is-in-trouble-in-quebec-and-he-has-himself-to-blame.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F04%2F23%2Fsome-have-forgiven-him-some-cant-truck-driver-who-killed-16-in-humboldt-broncos-crash-says-as-long-as-im-alive-im-going-to-think-about-them.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F18%2Fhouse-of-former-mississauga-mayor-hazel-mccallion-up-for-sale-heres-a-look-inside.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsoccer%2F2023%2F04%2F22%2Fthreatened-humiliated-blacklisted-inside-the-culture-of-fear-that-muzzled-and-penalized-women-who-exposed-abuse-at-canada-soccer.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fstar-columnists%2F2023%2F04%2F22%2Fwho-will-be-torontos-next-mayor-it-depends-on-how-well-they-tell-their-story.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F04%2F22%2Fits-like-an-infectious-diseases-textbook-from-the-turn-of-the-century-doctors-alarmed-at-rise-of-retro-diseases.html%22%5D&sdk=bc-pixel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:51:54 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
pierre_poilievre_2_.jpg
images.thestar.com/K6TmkAr7FdMDzax9ZoRSw4c8bfY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/04/23/pierre-poilievre-is-in-trouble-i... 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/K6TmkAr7FdMDzax9ZoRSw4c8bfY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/04/23/pierre-poilievre-is-in-trouble-in-quebec-and-he-has-himself-to-blame/pierre_poilievre_2_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
919d92b79fad2c6bdd0a0b50f604503e4c9958ed5486c4aa8a78e1334604fccd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 12:01:55 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
71399
etag
"bd2ee2b79b229bed89339acb8d87eb99dbbd49ae"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
19934
x-amz-cf-id
za3AXMw9LISyKhSUGOx53ptXAOQAR7iiAR-rwOFcJFukyKO729N1Dg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_1jaskirat_singh_sidhu.jpg
images.thestar.com/y6deZJ3oIuszJyPlFeBbtTtlvag=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/23/some-have-forgiven-him-some-cant-t... 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/y6deZJ3oIuszJyPlFeBbtTtlvag=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/04/23/some-have-forgiven-him-some-cant-truck-driver-who-killed-16-in-humboldt-broncos-crash-says-as-long-as-im-alive-im-going-to-think-about-them/_1jaskirat_singh_sidhu.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-98.fra2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
edfa080e61a0b68b004df660218c31d4d4faffb9d5b2f8f0a5ccf4e0843f5eb4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 21:59:44 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
age
35530
etag
"16ddbe381716a115ce45e7333dc87116ad5b7810"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
content-length
17302
x-amz-cf-id
u9zuU9VkwRBqCoWUIqld8xZnrnnQh8ZOLhnm5AAmLDd-apQYr_PJ_Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
events
api.permutive.com/v2.0/batch/ 		301 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0d922eb3f4953292bd493073c2f3a6a13e59d540427cc51159f32275dc4be38b

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		181 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A54%2B00%3A00&ts=1682322714017
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
8a1626997b74068b226e4a6a50e235a9af6165233fcb2cd64d935587b3a80091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
171
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
w_c9FskqWCbSmeKsZddg-NwClII-HSqfCArpBt11324XnlTRUrqb7A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		181 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A54%2B00%3A00&ts=1682322714018
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
a21c1dccbe0ca669ae912ef34f1ae2fcf2f078e039f5ad2c4b4d35080714ef9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
171
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
IvPcKNdjv3ywDNabwaY-hYj1u19m2YLNSJyelDIvyf6WFo42EjMzHQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		181 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A54%2B00%3A00&ts=1682322714020
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
89f552ddee3a15ece732cef0cbd8b8968e750d0f044ca5e0815e07abbaf49584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
slTzBp6k12Wv8HWFmdc26TMMCGiCiFRenKKFNkif_C1w8j3Im8lM6w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
channels
push.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/ 		49 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/channels
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6d86be2d316299f1fc943672cf342a9fcc79eb0c3d968e1cd1ec4eeb51197752
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubdomains;
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-max-age
36000
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
channels
push.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/app-installs/440142cb-1263-4e19-a1f1-8b2fc5d678de/channels
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
GET,HEAD
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:54 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
b
engagefront.theweathernetwork.com/x/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engagefront.theweathernetwork.com/x/b?data=%7B%22advertiser_org_id%22%3A%2261731269aabe2aa0d6cf5785%22%2C%22event_name%22%3A%2249695385_45a9_4217_b0c5_58934bb70a35%22%2C%22subevent%22%3A%2278386%2C79131%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.23.120.34.bc.googleusercontent.com
Software
TornadoServer/4.2 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
via
1.1 google
server
TornadoServer/4.2
etag
"d5fceb6532643d0d84ffe09c40c481ecdf59e15a"
content-type
image/gif
p3p
policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
cache-control
max-age=0,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame B0F7 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
179252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 06:04:22 GMT
expires
Sun, 21 Apr 2024 06:04:22 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Apr 2023 07:51:54 GMT
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame C8C3 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
179252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 06:04:22 GMT
expires
Sun, 21 Apr 2024 06:04:22 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=adc787f774804abe7174734&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&autoplay=false&ads_enabled=true&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6146357338001%2Fvideos%2F6325467388112&time=1682322714327&response_time_ms=476&seq=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=f5209ccaa33d2561e67db55f&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&autoplay=false&ads_enabled=true&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6146357338001%2Fvideos%2F6325473812112&time=1682322714337&response_time_ms=461&seq=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/c3b56912-0cac-4d11-b798-e5443bb06e0c/640x360/match/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/c3b56912-0cac-4d11-b798-e5443bb06e0c/640x360/match/image.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-95.fra60.r.cloudfront.net
Software
/ BC
Resource Hash
0ea9725db1d8a1e59ef939ce91e715c6f58521478ce8254eb75f41ed572499f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 23:25:32 GMT
Via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop
FRA60-P3
X-Powered-From
gantry
X-Powered-By
BC
Age
289582
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
X-Amz-Cf-Id
mJbrCvmsHiIz2K5zYpx9LaTwl1e_Ps3HeMHhXGsGeQGCwID6ANSNgA==
Expires
Sat, 20 Apr 2024 23:25:32 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/12598d19-f46f-43b4-a336-c32341bf1193/640x360/match/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/12598d19-f46f-43b4-a336-c32341bf1193/640x360/match/image.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-95.fra60.r.cloudfront.net
Software
/ BC
Resource Hash
600977c5b7cb98bb6dc74f7d37896a3d662b2881473717c468b52bcbcae4bda5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:53:34 GMT
Via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop
FRA60-P3
X-Powered-From
gantry
X-Powered-By
BC
Age
277100
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
X-Amz-Cf-Id
LiGqemPXv6ootVgTDhHaToXlRdugWZXQu9eowHcuXpLWyQuafgXOLQ==
Expires
Sun, 21 Apr 2024 02:53:34 GMT
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/10s/master.m3u8?fastly_token=NjQ0NjhhNjBfNTVhZDJiMWRkM2IyYWNhM2VmYzQ3NTc3MGJhN2QzNzFkNmZhZDEyYzIwYmM1NmQzZDRlNjY1ZTFiODM1NzRiZQ%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
44f0e3bbd7276f0f73ca7f12b97336c06f774d7854745904ba403df248c36877

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
via
1.1 varnish
age
745
x-powered-by
BC
x-cache
HIT
x-bolt-device-group
desktop-chrome
content-length
3654
x-served-by
cache-ewr18131-EWR
x-device-group
desktop-chrome
x-timer
S1682322714.488016,VS0,VE1
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
1
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A54%2B00%3A00&ts=1682322714428
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
69fd59381ad8076fac22fa6039e97cdb02a525eacc7a24aa675fc49247581322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2845
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
11UtRzF23TWOGKO_IJ1Ytk6CgfR_-ca2oeKrBptxzqwQgj7WxtMKog==
expires
Thu, 01 Jan 1970 00:00:00 GMT
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/10s/master.m3u8?fastly_token=NjQ0NjhhYzlfYmE4MDRmYTdkZmY3YzZlNTc2ODU5YWU5YmM3ZjI1NjhhNzkzNjk2MTgxZDM4YjEyZWJjZDFmYmQxZWYzMzE2Yg%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
3ee61f18cb2a5e727634616631d4bbcb6721b238ab111cebbc5c379a224da331

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
via
1.1 varnish
age
745
x-powered-by
BC
x-cache
HIT
x-bolt-device-group
desktop-chrome
content-length
3654
x-served-by
cache-ewr18131-EWR
x-device-group
desktop-chrome
x-timer
S1682322714.489250,VS0,VE1
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
1
b6483c86-c388-48c6-ba70-4710c3c22703
https://www.thestar.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/b6483c86-c388-48c6-ba70-4710c3c22703
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5593812ed51f4f2de527010b8ae1f0fa41ffd0186000b950ee0e30d4690aa442

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
6656
Content-Type
application/javascript
382a58ab-8d79-4b96-8e06-dc9fb794f9b9
https://www.thestar.com/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/382a58ab-8d79-4b96-8e06-dc9fb794f9b9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96c119c1e958c16cf0fbb31b28fc27c217eedd73d5016c18b8d97afd5855f190

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
88599
Content-Type
application/javascript
3941a4df-62a5-4d96-9e43-0233a4dba5d4
https://www.thestar.com/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/3941a4df-62a5-4d96-9e43-0233a4dba5d4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96c119c1e958c16cf0fbb31b28fc27c217eedd73d5016c18b8d97afd5855f190

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
88599
Content-Type
application/javascript
dc3ecae1-9923-4822-95d0-4ab7c925e308
https://www.thestar.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/dc3ecae1-9923-4822-95d0-4ab7c925e308
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5593812ed51f4f2de527010b8ae1f0fa41ffd0186000b950ee0e30d4690aa442

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
6656
Content-Type
application/javascript
b620e283-ae85-4034-a6f7-1ccf96613999
https://www.thestar.com/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/b620e283-ae85-4034-a6f7-1ccf96613999
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96c119c1e958c16cf0fbb31b28fc27c217eedd73d5016c18b8d97afd5855f190

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
88599
Content-Type
application/javascript
63fc8285-4adb-4513-9bca-bcab796df4a6
https://www.thestar.com/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/63fc8285-4adb-4513-9bca-bcab796df4a6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96c119c1e958c16cf0fbb31b28fc27c217eedd73d5016c18b8d97afd5855f190

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
88599
Content-Type
application/javascript
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=adc787f774804abe7174734&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&autoplay=false&ads_enabled=true&time=1682322714459&event=video_impression&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.8.1%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A4000%7D&video=6325467388112&video_name=Canadian%20police%20speak%20after%20%2420M%20worth%20of%20gold%2C%20other%20items%20stolen%20in%20%27very%20rare%27%20heist&reference_id=601410&custom_fields=&video_data=&video_ads_supported=true&tags=airport&tags=canada&tags=canada%20crime&tags=cbc&tags=crime&tags=gold&tags=heist&tags=million&tags=oovvuu%20bulletin&tags=pearson&tags=peel&tags=police&tags=toronto&video_duration=65&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F6146357338001%2F73d5c8e3-03c0-490d-bdc2-a07682716d62%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjQ0NjhhNjBfNTVhZDJiMWRkM2IyYWNhM2VmYzQ3NTc3MGJhN2QzNzFkNmZhZDEyYzIwYmM1NmQzZDRlNjY1ZTFiODM1NzRiZQ%253D%253D&preload=metadata&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=4_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=f5209ccaa33d2561e67db55f&account=6146357338001&destination=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&platform_version=6.67.3&player=players.brightcove.com%2F6146357338001%2FGJXdK30c6L_default&player_name=Toronto%20Star%20(343)%2Fwww.thestar.com&source=https%3A%2F%2Fapple.news%2F&autoplay=false&ads_enabled=true&time=1682322714465&event=video_impression&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.8.1%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A4000%7D&video=6325473812112&video_name=%2420M%20in%20gold%2C%20other%20valuables%20stolen%20from%20Toronto%20airport&reference_id=601488&custom_fields=&video_data=&video_ads_supported=true&tags=100m%20gold%20heist&tags=cargo&tags=cbc&tags=cbc%20news&tags=cbc%20the%20national&tags=gold%20heist&tags=gold%20stolen&tags=gold%20stolen%20from%20pearson&tags=high%20value%20container&tags=missing&tags=mystery&tags=oovvuu%20bulletin&tags=pearson%20airport&tags=pearson%20airport%20gold%20heist&tags=peel%20regional%20police&tags=rcmp&tags=robbery&tags=the%20national&tags=toronto%20pearson%20airport&video_duration=154&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F6146357338001%2F7bc8973e-4fa7-4714-851f-6e20fe33b0ca%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjQ0NjhhYzlfYmE4MDRmYTdkZmY3YzZlNTc2ODU5YWU5YmM3ZjI1NjhhNzkzNjk2MTgxZDM4YjEyZWJjZDFmYmQxZWYzMzE2Yg%253D%253D&preload=metadata&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=4_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Mon, 24 Apr 2023 07:51:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:51:54 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/7fb3ed01-a936-4fcd-b673-ce26630ff2a4/10s/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/7fb3ed01-a936-4fcd-b673-ce26630ff2a4/10s/rendition.m3u8?fastly_token=NjQ0NjhhNjFfM2NiYThjZDhmNWFlMDY4NWNhMDg4MDU5YzVjYWE0MTkwYmEzYzA5ZmZmMDJiNDA1MTUyMTQ3MzNjOWRjMGFmNg%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
92d202859112925404eb2a513fb2f387b1db19d552c7a11f651ad79f4f765465

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
via
1.1 varnish
age
745
x-powered-by
BC
x-cache
HIT
content-length
2843
x-served-by
cache-ewr18131-EWR
x-device-group
desktop-chrome
x-timer
S1682322715.591980,VS0,VE1
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
1
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/829025ae-bb05-41a4-85cb-8a8804eb7e8c/10s/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/829025ae-bb05-41a4-85cb-8a8804eb7e8c/10s/rendition.m3u8?fastly_token=NjQ0NjhhY2FfYWZjYmI0ODhhYzEwNjAwMjMwNjFhMmNhMjNhZDFjMjY5OTQ5MDE3ZWQxYmFkNmVkMDVjZGM5Y2IyOTEzOTkzZg%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
3215c39c52a4b71e63c0e1fb2d8927c76309ed448dc5f7736dcf12ce3d6a18ff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
via
1.1 varnish
age
745
x-powered-by
BC
x-cache
HIT
content-length
6359
x-served-by
cache-ewr18131-EWR
x-device-group
desktop-chrome
x-timer
S1682322715.593542,VS0,VE1
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
1
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/ddea7dcd-cdb5-4ec9-9426-218bf315c977/10s/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/ddea7dcd-cdb5-4ec9-9426-218bf315c977/10s/rendition.m3u8?fastly_token=NjQ0NjhhNjFfMThmNzRiYjcyNGNmM2VkODg1MjRmNzg1NzdhYjk1ODcwNGVjM2IxYjIxYmM0OTU4NDdiM2M3NzAyNjBjMzA5NQ%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
746024136b00b64f983613eb3a4da3f1e54a5971d492909ae4a681ef14c5fa1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
via
1.1 varnish
age
745
x-powered-by
BC
x-cache
HIT
content-length
2837
x-served-by
cache-ewr18131-EWR
x-device-group
desktop-chrome
x-timer
S1682322715.697222,VS0,VE1
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
1
segment0.ts
prod-oovvuu.akamaized.net/media/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/7fb3ed01-a936-4fcd-b673-ce26630ff2a4/5x/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-oovvuu.akamaized.net/media/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/7fb3ed01-a936-4fcd-b673-ce26630ff2a4/5x/segment0.ts?akamai_token=exp=1682344545~acl=/media/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/7fb3ed01-a936-4fcd-b673-ce26630ff2a4/*~hmac=1213f932c66a9721e4b2773418b7560ba7302910797cf0e2781d3ef3e3469e10
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:780::210:ca62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ BC
Resource Hash
1c7ce835b837f33da10f5e658bf685e5f37447bc5d0ce97405916690abe61308

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Mon, 24 Apr 2023 07:51:55 GMT
X-Amz-Cf-Pop
JFK50-P1
X-Powered-By
BC
Backend-IP
108.139.46.176
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
1354462
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1615672
X-Served-By
cache-ewr18151-EWR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1682213644.691818,VS0,VE26
X-Powered-From
gantry
ETag
"0f9487b1028361bac0bd8aabc4e4bbae"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31246174
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
Kt-BJIjdwBFxd9dq-Rj2zqOIh60aQEnjC2ZdcToIIPQhmDoWSUbgjA==
Expires
Fri, 19 Apr 2024 23:21:29 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/774c8d1e-03f0-4c94-a845-a71bdb15c783/10s/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/774c8d1e-03f0-4c94-a845-a71bdb15c783/10s/rendition.m3u8?fastly_token=NjQ0NjhhY2FfYWZlODdiMDQyNjgwMzg2Y2YzNWFhMWFkMWRhYzQ5Yjc3ZjFjNjRiYTIwYzhhMDMwMzZhYWI4MGIyYWJiZDFiMw%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
d5a919f8c241f0d153924d5117061c41ba6e3b0e0ecc5c7efe89ad78c0c51a77

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:54 GMT
via
1.1 varnish
age
745
x-powered-by
BC
x-cache
HIT
content-length
6344
x-served-by
cache-ewr18131-EWR
x-device-group
desktop-chrome
x-timer
S1682322715.700508,VS0,VE1
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
1
segment0.ts
prod-oovvuu.akamaized.net/media/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/829025ae-bb05-41a4-85cb-8a8804eb7e8c/5x/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-oovvuu.akamaized.net/media/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/829025ae-bb05-41a4-85cb-8a8804eb7e8c/5x/segment0.ts?akamai_token=exp=1682344650~acl=/media/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/829025ae-bb05-41a4-85cb-8a8804eb7e8c/*~hmac=1d38043fd4007883d97faadd279dae1c527e7cae9d4ff9a1b0430f0ce95bc852
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:780::210:ca62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ BC
Resource Hash
d409a21c747e19fee3bba5338ec32eb372849efc6cf092b8a1356c65285b9010

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Cache-Hits
0
Date
Mon, 24 Apr 2023 07:51:55 GMT
X-Amz-Cf-Pop
JFK50-P1
X-Powered-By
BC
Backend-IP
108.139.46.125
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
1354462
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1402104
X-Served-By
cache-ewr18177-EWR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1682289074.901088,VS0,VE159
X-Powered-From
gantry
ETag
"a6297075426b6e7943128023f99cba64"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31502279
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
z4WhbfENXtQmv2Q45-6t0HZCfic1L76bRJbf-nVFcx-4gwfD0imREA==
Expires
Mon, 22 Apr 2024 22:29:54 GMT
segment0.ts
prod-oovvuu.akamaized.net/media/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/ddea7dcd-cdb5-4ec9-9426-218bf315c977/5x/ 		171 KB
172 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-oovvuu.akamaized.net/media/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/ddea7dcd-cdb5-4ec9-9426-218bf315c977/5x/segment0.ts?akamai_token=exp=1682344545~acl=/media/v1/hls/v4/clear/6146357338001/73d5c8e3-03c0-490d-bdc2-a07682716d62/ddea7dcd-cdb5-4ec9-9426-218bf315c977/*~hmac=d222dc4c1554cc8e95d260cb548347f143e263a5b7e0cef72f0dd5f475722aa5
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:780::210:ca62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ BC
Resource Hash
8bc773263323637207ff0f72f2ebf659e575ab8aa2e354b87d7f72b4b3fd1f7e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Mon, 24 Apr 2023 07:51:55 GMT
X-Amz-Cf-Pop
JFK50-P1
X-Powered-By
BC
Backend-IP
108.139.46.132
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
1354462
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
174840
X-Served-By
cache-ewr18183-EWR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1682033061.792188,VS0,VE1
X-Powered-From
gantry
ETag
"1f9752dbb464a154c3ca25b7f50f6d3b"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31246077
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
-yU4OpPLiQPkve0j3Jn5t3mOkuzpzKlel44cFQ4uDTh9zlZLysMi8g==
Expires
Fri, 19 Apr 2024 23:19:52 GMT
segment0.ts
prod-oovvuu.akamaized.net/media/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/774c8d1e-03f0-4c94-a845-a71bdb15c783/5x/ 		168 KB
169 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-oovvuu.akamaized.net/media/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/774c8d1e-03f0-4c94-a845-a71bdb15c783/5x/segment0.ts?akamai_token=exp=1682344650~acl=/media/v1/hls/v4/clear/6146357338001/7bc8973e-4fa7-4714-851f-6e20fe33b0ca/774c8d1e-03f0-4c94-a845-a71bdb15c783/*~hmac=290f1c49d9163f2bd1829f147dacd46f5d9218243171071238efd9c9654bb758
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6146357338001/GJXdK30c6L_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:780::210:ca62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ BC
Resource Hash
e042cededb3611a862a4da9e3a6d30949a31e6b595c724d327f14d8a44956742

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Mon, 24 Apr 2023 07:51:55 GMT
X-Amz-Cf-Pop
JFK50-P1
X-Powered-By
BC
Backend-IP
108.139.46.132
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
1354462
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
171832
X-Served-By
cache-ewr18176-EWR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1682044807.341045,VS0,VE2
X-Powered-From
gantry
ETag
"e7cd7551bb0d528bdf9b695aaef1862e"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31257834
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
WqmvAdpvIfHnxpq0oFdagIfLIbHSzoxq1VzArjI4LNH2KUsodXhZlg==
Expires
Sat, 20 Apr 2024 02:35:49 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&pr=https%3A%2F%2Fapple.news%2F&pid=1YNCImsNbbnj1&cb=0&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-9%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-10%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-11%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x270%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-5%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-6%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-7%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-news-gta-8%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fnews%2Fgta%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.207.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-207-225.ham50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 dad44092e95c7e3e18abc391b2ada472.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HAM50-C3
x-amz-rid
HQ7S107714BAE081XJXQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
KRUIwX5_g2tzFZuTWnCpyuXV0NH3BM1e6l4BqqKojHOprsBuQPvoTg==
integrator.js
adservice.google.nl/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.thestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js?cb=31074053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js?cb=31074053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1719987389693473&correlator=2466170599178309&eid=31073678%2C31073829%2C31073998%2C31074053%2C31071326&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Cnews%2Cgta&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=2x1%2C300x250%7C300x600%2C300x250%7C300x600%2C1x1%2C728x90%2C728x90%7C728x270%2C728x90%7C970x250%2C134x170%2C134x170%2C134x170%2C134x170&ifi=1&adks=1228224870%2C1849888957%2C1849888956%2C1899440982%2C3775028862%2C28518810%2C3706908869%2C2120795474%2C2120795473%2C2120795472%2C2120795479&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refresh%3Dtrue%26hb_format_ozone%3Dbanner%26hb_size_ozone%3D300x600%26hb_pb_ozone%3D0.35%26hb_adid_ozone%3D31a9aef4a8a499-0-oz-0%26hb_bidder_ozone%3Dozone%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.35%26hb_adid%3D31a9aef4a8a499-0-oz-0%26hb_bidder%3Dozone%26oz_size%3D300x600%26oz_adId%3D31a9aef4a8a499-0-oz-0%26oz_pb_r%3D0.28%26oz_pb%3D0.28%26oz_pb_v%3D2.7.0-torstar-ix-cad-fix%26oz_imp_id%3D31a9aef4a8a499%26oz_bid%3Dtrue%26oz_winner%3Drubicon%26oz_auc_id%3D26519e60-2cbb-40db-96fa-f189ee1ef598%26oz_rubicon_pb_r%3D0.28%26oz_rubicon_adId%3D31a9aef4a8a499-0-oz-0%26oz_rubicon_adv%3Dlightinthebox.com%26oz_rubicon_crid%3D2249%253A627068693224%26oz_rubicon%3Drubicon%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26tkspo%3D16%26env%3Dbeta%26gs_channels%3Dgv_crime%252Cts_trvl_md_r%252Cgs_travel%252Cpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_travel_air%252Cgt_mixed%252Cts_pl_nws_lctns_cnd_ntnl%252Cts_tmtv_t_typ_crg%252Cgs_law%252Cgs_business%252Cts_bz_ndstry_gnrl%252Cts_bz_ndstry_vtn%26referrer%3Dother%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26author%3Dmahdishabibinia%252C%2520jimrankin%26assetid%3Dfc52fb47-5b4a-4778-8145-407b0619f8d7%26kvng%3Dgold_heist%252Cpearson%252Cpeel_police%252Crcmp%252Csmg_gta%252Csmg2_news%252CInHouseArticle_thestar%252Cdct_ts_gta%252Cdct_ts_policing%252Cdct_ts_crime%252Cstephen_duivesteyn%252Cgreater_toronto_airports_authority%26kvcalais%3Dgreater_toronto_airports_authority%252Crachel_bertone%252Cpearson%252Ctoronto%252Croyal_canadian_mounted_police%252Cpolice%252Ctoronto_pearson_international_airport%252Cpearson%252Cpeel_regional_police%252Cregional_municipality_of_peel%252Ctoronto%252Cgreater_toronto_airports_authority%252Cgovernment%252Csecurity%252Contario%252Cgreater_toronto_area%252Cpeel_police%252Cstephen_duivesteyn%252Cnational_airports_system%252Ctransport_in_toronto%252Cken_leishman%252Caviation%26key%3D%2520%26article_b%3Dtrue%26prmtvsdk%3Dweb&ppid=75218257341515758790122286036848578529&sc=1&cookie_enabled=1&abxe=1&dt=1682322715493&lmt=1682322715&dlt=1682322711202&idt=1908&adxs=1069%2C1083%2C1083%2C0%2C436%2C303%2C303%2C217%2C515%2C812%2C1110&adys=1456%2C1502%2C2363%2C0%2C0%2C2534%2C5233%2C7217%2C7217%2C7217%2C7217&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C0%7C0%7C4%7C5%7C6%7C7%7C8%7C9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&ref=https%3A%2F%2Fapple.news%2F&frm=20&vis=1&psz=328x1%7C300x-1%7C300x-1%7C1600x0%7C1600x-1%7C728x90%7C728x90%7C273x0%7C273x0%7C273x0%7C273x0&msz=328x1%7C300x-1%7C300x-1%7C1x-1%7C1600x-1%7C728x90%7C728x90%7C273x0%7C273x0%7C273x0%7C273x0&fws=0%2C512%2C512%2C0%2C512%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1385472192.1682322713&ga_sid=1682322716&ga_hid=1853909574&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js?cb=31074053
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e4f18e2de71d9375e38c68a5d38e6b3acb0c034aa55f49617821c7738549f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10951
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-1,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-1,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js?cb=31074053
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5e8854372e0fa16df0fac640ecf585fed9c077cbe26c179b3523d74437775b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11219
x-xss-protection
0
container.html
9e840b35f6f10f308b6cfb67106a260e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EF8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e840b35f6f10f308b6cfb67106a260e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js?cb=31074053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 07:51:55 GMT
expires
Tue, 23 Apr 2024 07:51:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js?cb=31074053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 07:51:55 GMT
a8a2736c-30c9-4ccc-af59-1b5ab6792f06
playback.oovvuu.media/notify/ 		42 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/notify/a8a2736c-30c9-4ccc-af59-1b5ab6792f06?e=video_load&v=601410&p=GJXdK30c6L&u=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
https://www.thestar.com
cache-control
must-revalidate,no-cache,no-store
content-length
42
x-amz-cf-id
kYCse0Ft3TDo-eoj9YZECcvErNRxqqG-NqR3uASpy4XSDg9FqRUf4g==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C93F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
6233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 06:08:02 GMT
expires
Tue, 23 Apr 2024 06:08:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6E0D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
364421db3ae91f011e8ee0dbce27c2aa3c3cb12b5f3573afc75ddcf78fc1f692
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-efBCEkeAx3U9JyaJPyc1DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-efBCEkeAx3U9JyaJPyc1DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 07:51:56 GMT
expires
Mon, 24 Apr 2023 07:51:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
default
www.thestar.com/api/overlaydatarule/ 		74 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/overlaydatarule/default
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6bf0de52c3d53c3321b2314dd75bfacb03d04b829cb1cab3b36e7f77b13d4e33
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:47:52 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
age
244
x-powered-by
Express
etag
W/"12612-4kFTLfCprXMhwkVgPlpC9vYm6HU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
x-amz-cf-id
O8S6V5qK-V4QeAG_mS5_Ju3P25CUa2o5DluzZVX8Xt7Nest03hy6rg==
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame C93F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 06:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
6234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 06:08:02 GMT
overlaydata
www.thestar.com/api/ 		72 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/overlaydata
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=cf2fa5d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-82.fra56.r.cloudfront.net
Software
Apache/2.4.56 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
7e41416ea440eee0f014c0435cd770f9350e5aca422cca447aaba8538de0a3c3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:47:52 GMT
content-encoding
gzip
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server
Apache/2.4.56 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-P7
age
244
x-powered-by
Express
etag
W/"11f01-fU92zs+enA5anKW9NmDz4ugLW14"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
x-cache
Hit from cloudfront
cache-control
max-age=180
x-amz-cf-id
_V13rr7z6YMo1e7bgGxfz59SsQSMnqrT-loWQ6Jpa3Rw6dxolTIXCw==
RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49bd5cc239085142e293f889016f2329dfc5e6b96c4974468341c4af12bf343d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
r8_H_zLfiMhOtQWtSjzwpWquZIIU6FLk
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Sun, 23 Apr 2023 20:50:24 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
39856
x-amz-server-side-encryption
AES256
etag
W/"388ec145ed98f88ff80931dd624227af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
k_4786EsMQ4k-bWFFYUxTkta09nJazD3nzOL1UTk0V4Z8TEZAH_KhA==
900
z737.thestar.com/DG/DEFAULT/rest/rpc/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://z737.thestar.com/DG/DEFAULT/rest/rpc/900?referer=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&bcsessionid=f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69&bctempid=&overruleReferrer=&time=2023-04-24T07%3A51%3A56%2B00%3A00&ts=1682322716256
Requested by
Host: z737.thestar.com
URL: https://z737.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-119.fra56.r.cloudfront.net
Software
- /
Resource Hash
2b6c413ffb36ec1caef2d95fd49daf0d4f4cf8cd5683a914f539c5861194f27b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2753
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
jqYOkwKbCTEdAtDe0c51l-LNJm_7Li8x4Px0GZz2VjA0yeAX1POr1A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E0D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304180101&jk=1719987389693473&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
AGSKWxXldbvRMx-JGY7DqCANmJgdyk2ojbO841S0olAwqg1Bys8kdOHtqx1cVusBNtvROHvW5kZfygvQbCWaVxRDhdE=
fundingchoicesmessages.google.com/f/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXldbvRMx-JGY7DqCANmJgdyk2ojbO841S0olAwqg1Bys8kdOHtqx1cVusBNtvROHvW5kZfygvQbCWaVxRDhdE=
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7adadfc922b9d5c0fb384c2e2bf2043503f1073f7a668d45979e4dc4d1fbb5b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VfpwqnqwU0LHUdlik8SqHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-VfpwqnqwU0LHUdlik8SqHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
RC5e3aa078185a404a90c26089a206fc93-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC5e3aa078185a404a90c26089a206fc93-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a42dac047c13d30244074e7c1caf24f3c12a5af603c8e15b79b1bb84236dcb5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
.4Yvmpfz70Zvjm_9fz2VkVVdj4NQ4h1c
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 05:15:36 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
9381
x-amz-server-side-encryption
AES256
etag
W/"8b2988d9bb6bf2bea1f082246dee7f4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
VbSEQ9--0pvD7e2oHIWKXyrWb_872fjQWSXQi6w1K12o-99CTCFcYw==
events
pixel.thestar.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.102&r=stable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1430:9000:22e9:2dfd:5b04:f57a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Mon, 24 Apr 2023 07:51:56 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1682322716358&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682322716353.1125413480&eid=ob3_plugin-set_e2ab7fb018348b602a0b1c85fdb5817c7b0804b11c15a0763715981b52a55774&it=1682322714001&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 24 Apr 2023 07:51:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
events
pixel.thestar.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.102&r=stable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1430:9000:22e9:2dfd:5b04:f57a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Mon, 24 Apr 2023 07:51:56 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549886031832745&ev=ViewContent&dl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1682322716361&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682322716353.1125413480&eid=ob3_plugin-set_dce13c43b5caf91bc11174b26c6ddfbff4cb4161d0f8c7cc729acf7f9f0f7ab6&it=1682322714001&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 24 Apr 2023 07:51:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
RC0dc25b20a90b4585b160e266222619c3-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		971 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC0dc25b20a90b4585b160e266222619c3-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64eb1841c385edc0225cb4f85b2ea001cc69cccee156dea5d99a28cfacfe9be9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
PG3q4ltG9CLYTkmsyqFRZYnW5S3z3NZH
date
Mon, 24 Apr 2023 03:47:36 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
15224
x-amz-server-side-encryption
AES256
etag
"3a609f16f21e010b73bb99d7afd35275"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
971
x-amz-cf-id
KcTN-pnsXF1dAIwdv91YEwtkya58BE17_ejAIaM7eISV-ThR6lJS4w==
2d5d76c3-7346-4dc8-b549-f438a7dd8341
playback.oovvuu.media/notify/ 		42 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playback.oovvuu.media/notify/2d5d76c3-7346-4dc8-b549-f438a7dd8341?e=video_load&v=601488&p=GJXdK30c6L&u=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: playback.oovvuu.media
URL: https://playback.oovvuu.media/player/v2/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-82.fra56.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
https://www.thestar.com
cache-control
must-revalidate,no-cache,no-store
content-length
42
x-amz-cf-id
Z_P-a9YvucjzGG5RFMK7fI--t2NwUze0hxAbonP4suD7wPm447OWmw==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-fra-eddf8230054-FRA
RCd768af7a41d447a48ddbb694e078eba8-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCd768af7a41d447a48ddbb694e078eba8-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
563ef2ed3f9d0f46ac612d268d96164a269cc6e6689d85afbf5d647c4b026334

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
UDWoRKN0DR9codDiv3pPI7zLqUIhITnV
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 00:02:26 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
28218
x-amz-server-side-encryption
AES256
etag
W/"9f7b4240eb4c7c5ce0e6a49f6ddf31ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
nhjnmb0Abttzfr2K1rA-yvwiZLVSFyf5rfhroihwIEcdUdWu6bqd2A==
generate_204
tpc.googlesyndication.com/ Frame C93F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ipnRug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
js
www.googletagmanager.com/gtag/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2743fd57b0a93463f71b4d21503dbd7d836d1409b28a94f76a0f23a82d676bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69510
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 07:51:56 GMT
js
www.googletagmanager.com/gtag/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a533fb8fc558fb13e694ea8429bb52833e36b185fa3e1e7df0728e64db9d9617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69503
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 07:51:56 GMT
js
www.googletagmanager.com/gtag/ 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10230056
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
781467925932cc8461d6fc15c09bdb55e1fa35393e273e9200eb2c31b0bc2c35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46868
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 07:51:56 GMT
js
www.googletagmanager.com/gtag/ 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19e40c3dc00fa1e40fc830ff1ca3695df239f8e0191036b5e4a9c8b4ced7b7c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46868
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 07:51:56 GMT
RCdd630314d8a144ce818cf865b37c1fd3-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCdd630314d8a144ce818cf865b37c1fd3-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4457f5c4f0c738541cd408ef71b7f9bbd1a19f56387c28b6eb2b6743f87789a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Ky3TEyqpY.O8trY7SVoN1_hNR7sDRJMs
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 05:20:28 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
9380
x-amz-server-side-encryption
AES256
etag
W/"e87288f8ba284ca04fc81e6dc994fe62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
GsbisJ25mL9jh2vikdnvfJk3IcOxuth2ASsVrDAdL3uAuNyddCqwvA==
core.js
s.pinimg.com/ct/ 		1 KB
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
br
x-cdn
fastly
etag
"6fe18a21f263bd65310c79df7a66e9b2"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
484
RC336079137ceb479aab0ece6eedbf95e1-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		1020 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC336079137ceb479aab0ece6eedbf95e1-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1604a5ba0f2f61ff17add24c3796fbf2275d0d70d66dd0ec001a79218f5a3099

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
mYsBHdas7knV5eiWNyPYqbzIyAYaCmT2
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 03:12:45 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
45640
x-amz-server-side-encryption
AES256
etag
W/"d419ee4e79426c4b54d9f35731de136d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
ut-uAAmy2dtqWex7qQhJB7yb-XYEJ3LNyBF8prFCx7yPPAQJA1QgZQ==
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=59a24194-268d-423a-b0b6-efa7ce512b45&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ef2df4a7-9337-4be0-b303-06f4e28f2001&tw_document_href=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
103
date
Mon, 24 Apr 2023 07:51:55 GMT
strict-transport-security
max-age=0
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
0f7cabee8b9db144
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
4413203986cf3d632148cc15794e12444fd710a3a2ca2df3d6973141023264fd
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=59a24194-268d-423a-b0b6-efa7ce512b45&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ef2df4a7-9337-4be0-b303-06f4e28f2001&tw_document_href=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
103
date
Mon, 24 Apr 2023 07:51:56 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
67cbbf54fb2c6c0c
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
5e4787ef3b5f48706b12082a3cbfe2db835a2ccaceb9a44ddf5794bbce881284
content-length
43
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 24 Apr 2023 07:51:56 GMT
last-modified
Thu, 20 Apr 2023 19:01:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 126297C4A9A84A3F8F421A0644320E37 Ref B: AMS04EDGE1708 Ref C: 2023-04-24T07:51:56Z
etag
"808c558fba73d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12036
RCe057394b62624c84884a89981136d531-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		1 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCe057394b62624c84884a89981136d531-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
978ddf3ddbf0fe3fb2aa857326a2dc7a202193a10b95b1d011328f162ab6e598

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
pjCbQNU4Me5OsN5cQKDlRLKW0kR4w2KA
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 04:23:52 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
12486
x-amz-server-side-encryption
AES256
etag
W/"44303d9e781fec41b89c567e24665cdc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
6PeGdkND0nmc4IvjaxUzIlgcmjZxpqEdzJFlovDgdhR7m0cMFMxy0g==
activityi;dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F0...
10230056.fls.doubleclick.net/ Frame E37B
Redirect Chain
  • https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%...
  • https://10230056.fls.doubleclick.net/activityi;dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fww...
485 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10230056.fls.doubleclick.net/activityi;dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9d8cd3e8e303ad7052efe31a21897655df56b32007f954c6549c7eb52e261045
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
282
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 07:51:56 GMT
expires
Mon, 24 Apr 2023 07:51:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 07:51:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10230056.fls.doubleclick.net/activityi;dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1682322716654&cv=11&fst=1682322716654&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&ref=https%3A%2F%2Fapple.news%2F&hn=www.googleadservices.com&frm=0&tiba=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&auid=2009495730.1682322717&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c597612667584c18f4a48a5ceb962b4186096ab7e4669adf330743be39208208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=33132
accept-ranges
bytes
content-length
4777
RCf39ced5c22854dc7bd6e804a34d45663-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCf39ced5c22854dc7bd6e804a34d45663-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f38fdbb3a0b25f3fbd984e544b8f1cd33252c19757a23dad98582bd498e220d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
UydGf7R4Q3L6r9k7YBFhPjdZ_6jYK7Jo
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 00:47:33 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
25464
x-amz-server-side-encryption
AES256
etag
W/"c62d873d09adddd63bcfbe2f0d92c99b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
pg8BZPFxHpbs8IQwIykZdHrM0FO-oIvl6yAFcM8pvjo7NvS1ABsGBQ==
main.da2a1c8f.js
s.pinimg.com/ct/lib/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
content-encoding
br
x-cdn
fastly
etag
"b3fc8cf847afb7d5cf4f05e5407d05a3"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
17556
13008914.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/13008914.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 24 Apr 2023 07:51:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D32D3CB402E24DB1A7B8A6054ACC851A Ref B: AMS04EDGE1708 Ref C: 2023-04-24T07:51:56Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=2cf16ce9-9fc3-4c05-89c5-0bf0d8762984&sid=e2c7e900e27411edb31b6f55bcbe4950&vid=e2c81720e27411ed8583317ed0c25b8f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Peel%20police%20investigating%20heist%20of%20gold,%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&kw=gold%20heist,Pearson,Peel%20police,RCMP,smg_gta,smg2_news,InHouseArticle_thestar,dct_ts_gta,dct_ts_policing,dct_ts_crime,Stephen%20Duivesteyn,greater%20Toronto%20airports%20authority&p=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&r=https%3A%2F%2Fapple.news%2F&lt=2363&evt=pageLoad&sv=1&rn=504419
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 07:51:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BA634E75317F45E0AC9069A648C4BB66 Ref B: AMS04EDGE1708 Ref C: 2023-04-24T07:51:56Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: apple.news
URL: https://apple.news/AmHA-JiMQR2ixH6dNYB0I6Q?articleList=A5lFoVTDRT-CKsY2yE1VchQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 23 Jan 2023 21:56:14 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7356
RCcebeff8c827742329aac568372637b0b-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		1 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RCcebeff8c827742329aac568372637b0b-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbaf07acd0356b90bb8d0ca983d2d2d19f7a3426e5b89c8cdcd9c9d28193fca8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
k0_8KJrQTfzXk43OO6HWBeMSiY8u24Mu
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 01:24:01 GMT
last-modified
Fri, 31 Mar 2023 20:32:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
23275
x-amz-server-side-encryption
AES256
etag
W/"1e409dfea5bd5fe54adddcee492963ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
OhjhHGauWgnRJm2hKfZqQq9xPSfDDmroqoWYFIdKD07GS8lWXkiJKA==
/
ct.pinterest.com/user/ 		539 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612846434758&cb=1682322716747&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pin-unauth
dWlkPU5UTTVZV0U1WTJZdE4yUTRNaTAwWVRNM0xXSTJNbVl0TkRoa09UUXpaVGRoWkRVMg
pragma
no-cache
content-encoding
gzip
referrer-policy
origin
date
Mon, 24 Apr 2023 07:51:57 GMT
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thestar.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
x-pinterest-rid
1382905914123408
content-length
375
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html%22%2C%22ref%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1682322716749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:57 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
x-pinterest-rid
3798567419445032
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
RC0ce5bb995d064dccbfa9bf274646021d-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/ 		2 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/RC0ce5bb995d064dccbfa9bf274646021d-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f13c139d48dadf2a0c42bc0d21525dcc27989bb3a4181b1d4d972e54c8a20b63

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
iXdDxUZOOpHfWMuD0bbkwf1WYQK4Qd8D
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 01:11:16 GMT
last-modified
Fri, 31 Mar 2023 20:32:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
24051
x-amz-server-side-encryption
AES256
etag
W/"1bbfa6d8368446042e876147696e6735"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
D1zYLDjOEnCwiOqypiz8DKvf4P4RQkmLPc8uZ89bAcIvV0llH1awVA==
token
cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/ 		36 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:43:39 GMT
content-encoding
gzip
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
497
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-amz-cf-id
Hdi5BITzMO065u4Kn6vp9GX27UvjmtIts2lypdqoi_Jhg0bMsTShPA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1682322716793&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pe...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1682322716793%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252Fne...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1682322716793&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pe...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1682322716793&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-p...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1682322716793&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&liSync=true&e_ipv6=AQKfo4-6pwMFxwAAAYeyP3pkrO2KxJvi93t4akKWhvJpveI-t4ZHGDWi4X-fkvnHPaA7U8w
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:56 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F7CA4B850F814A9FB0473D9B04EAB113 Ref B: DUS30EDGE0807 Ref C: 2023-04-24T07:51:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6EEf5EOivjj8K4ygkJw==

Redirect headers

date
Mon, 24 Apr 2023 07:51:56 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 063FE16043D64EEDB81ED540FFF5BD50 Ref B: BRU30EDGE0612 Ref C: 2023-04-24T07:51:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1682322716793&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&liSync=true&e_ipv6=AQKfo4-6pwMFxwAAAYeyP3pkrO2KxJvi93t4akKWhvJpveI-t4ZHGDWi4X-fkvnHPaA7U8w
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6EEf1wpxiTgqLUWUCvA==
/
www.facebook.com/tr/ Frame BA62 		0
49 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.thestar.com
Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.thestar.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 07:51:56 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
load-cookie.html
elb.the-ozone-project.com/static/ Frame 6091 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65382ce9001afc2b1481dc893139f55a265dd0dd1f3fb30006f45519cf1176c2

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bccc394fad70a51-AMS
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 24 Apr 2023 07:51:57 GMT
expires
0
last-modified
Wed, 19 Apr 2023 12:29:36 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
/
www.google.com/pagead/1p-user-list/698108511/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/698108511/?random=1682322716654&cv=11&fst=1682319600000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&ref=https%3A%2F%2Fapple.news%2F&frm=0&tiba=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=835347941&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/698108511/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/698108511/?random=1682322716654&cv=11&fst=1682319600000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&ref=https%3A%2F%2Fapple.news%2F&frm=0&tiba=Peel%20police%20investigating%20heist%20of%20gold%2C%20high-value%20goods%20from%20Pearson%20%7C%20The%20Star&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=835347941&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investiga...
adservice.google.com/ddm/fls/z/ Frame E37B 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html
Requested by
Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CODsur-Ewv4CFbtDwgod_rkMyA;src=10230056;type=ret01;cat=land01;ord=854132334858;gtm=45fe34j0;auiddc=2009495730.1682322717;~oref=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://10230056.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304180101&jk=1719987389693473&bg=!09Cl0ITNAAYfNdXmPzU7ADkAdvg8WgDq8DhmyuyCdA54vIWDtm36K4GJ9rSUOTahhPBeKlnagPsq5pO07ced7zhlgZJBD0j-0doCAAAAw1IAAAADaAEHmQLOLONJIlBYakxjJHEKVP1mc8zTpWwOcGqBnQOkInPaYSo1kg7v921XUqzdwrCBzRO3YkXGr6PzNiIKm0auA1w0USnErHzJE5LIUVqk_Z6Zpee2wtY-PKjnBOEcI_5QcpY-avJksf4tCzzjUabXLgappWxYVjLC8tK04YBU5ZNCylwUDB9hsDiu_PyQ1dTwxaoobORNUY6nY5bND1UG9aJ6u18tI8m0nk49MehDf93QWJlGGRniujXidBajhE0p1T3bdcLr1veEglV6rhBvFk6XTDImEc5PXqEn6YR1vxC1etx3ng-p37O3wR---ndW3ONEbMoSqEEy9WtXINVi8VUae0MGV9G01TykXyzuselyXVFL2gHCc_OAMC04pihceGdVAkASqSPKXqO5v-90SofLNsuEwZcFZOHcadzjTmwOQ_d4otbbe25ojdA7OOqjDO9E24NTEPjvt54Sg1HzC3mfVNxDfBfsFmwjJjhUkRf4E_ahV4lB-OAUqd9d4YorqMo68pG1rEaGadC2FyZeJrPkV8XkMWipLufQqL7UfxcblHTMe0SraKV0JIWFosAL-CJfKtm8x1-HBBm-StNM9KOduxw0RSodXuStD7VpdkOuCbwQVgRROfoRULpjuPTTT4ve_MylvMkp7htYSuoM64ppGGDR3Sb7J156km6Mf99tabN6cQ_aEYXTwnKcvIKeS6ysgOoUJ1e6HYB5xR1_PZWX9buIVoCk-jPbapCExm9pAVt89F3DLLb_M6hufBq3GKSWjjprtf1nsCTEYtKav4RIJsRzYz7P6IjpMenem2TSEt8xLKJxstP7NAgfMS0FQ4aQvKx0JXgSuWG9KBz1L6TIAJNqi8qwB5GOMujagNBXFOJEl5NCO8jGTs6YhgAFNe-9-oteFjOiy6G50n3ZCFO7jjnrCLeJgaiaph6dLZarSHR3_pqxdNBdrAKTXQs01A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ Frame 6091 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:57 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7bccc395e81a0e7e-AMS
cookie_sync
elb.the-ozone-project.com/ Frame 6091 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bbbf1983f512fdd2dafa243aeaa679899c104c5bbc34a816fe0a30f731d916

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bccc395abad0a51-AMS
expires
0
PrebidServer
crb.kargo.com/api/v1/dsync/ Frame 6091 		0
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.78.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-78-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 07:51:57 GMT
X-Accel-Expires
0
Vary
Origin
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ct.html
ct.pinterest.com/ Frame D9C3 		565 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 24 Apr 2023 07:51:57 GMT
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
1362441416901340
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1682322717235&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=29c41124-9c04-42ab-88d4-dc4a18ccd4c8&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:57 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1938029788449510628412
0
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1938029788449510628412
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc3980e8c0a51-AMS
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1938029788449510628412
date
Mon, 24 Apr 2023 07:51:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
s08012393154530
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LDQM/ 		43 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LDQM/s08012393154530
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f6fb187a386/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 07:51:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 25 Apr 2023 07:51:57 GMT
server
jag
etag
3612760527210217472-4619753138685190600
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Sun, 23 Apr 2023 07:51:57 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 6091 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAGhpU7IjGoAACDtitnEMw
0
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAGhpU7IjGoAACDtitnEMw
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc39ac9e00a51-AMS
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAGhpU7IjGoAACDtitnEMw
Date
Mon, 24 Apr 2023 07:51:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5488056305867454430
0
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5488056305867454430
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc39c4bf00a51-AMS
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=5488056305867454430
date
Mon, 24 Apr 2023 07:51:57 GMT
content-length
0
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Expires
0
Pragma
no-cache
Date
Mon, 24 Apr 2023 07:51:58 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Allow
POST
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Mon, 24 Apr 2023 07:51:57 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
0
Pragma
no-cache
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
cookie
cm.adform.net/ Frame 6091 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:58 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=de140195-7cb8-4175-8ca9-69605769dc5b
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=de140195-7cb8-4175-8ca9-69605769dc5b
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc39edf710a51-AMS
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=de140195-7cb8-4175-8ca9-69605769dc5b
date
Mon, 24 Apr 2023 07:51:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
101995
dmx.districtm.io/s/v1/img/s/ Frame 6091 		0
0
pixel
ap.lijit.com/ Frame 6091 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 24 Apr 2023 07:51:58 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=dcb2d081-1054-4a11-b1bf-a54bd838ad2a
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=dcb2d081-1054-4a11-b1bf-a54bd838ad2a
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc3a10a6b0a51-AMS
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:58 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=dcb2d081-1054-4a11-b1bf-a54bd838ad2a
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
i7dbbdsfevne0619fk0nppphatv2aruu
generic
match.adsrvr.org/track/cmf/ Frame 6091 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Apr 2023 07:51:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=b9cc33fc-430c-4cb7-8e38-bc7dd0223932
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=b9cc33fc-430c-4cb7-8e38-bc7dd0223932
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc3a3ee730a51-AMS
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=b9cc33fc-430c-4cb7-8e38-bc7dd0223932
Date
Mon, 24 Apr 2023 07:51:59 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
151
Content-Type
text/html; charset=utf-8
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-sPrfb8tE2uHtcdriCslc7KdMzE2Zk8YJA5mLXXk-~A&gdpr=0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-sPrfb8tE2uHtcdriCslc7KdMzE2Zk8YJA5mLXXk-~A&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc3a578de0a51-AMS
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-sPrfb8tE2uHtcdriCslc7KdMzE2Zk8YJA5mLXXk-~A&gdpr=0
date
Mon, 24 Apr 2023 07:51:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/FGMrCMMc/ Frame 6091 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.204.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-204-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:51:59 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8101 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60563
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 24 Apr 2023 07:51:59 GMT
expires
Tue, 25 Apr 2023 00:41:22 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 8101 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64968952&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c881bf5c15b23912d88d3637cf220c6a592a0fc937541e5f1cb3b7977ea4d6eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 07:51:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 34DA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d90f6446-3520-4c00-b8dd-23c5f93891a1&gdpr=0&gdpr_consent=
42 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d90f6446-3520-4c00-b8dd-23c5f93891a1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 07:51:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 24 Apr 2023 07:52:00 GMT
Expires
Mon, 24 Apr 2023 07:51:59 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master cdg-pixel-x13 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d90f6446-3520-4c00-b8dd-23c5f93891a1&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 5C38
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7611324175373130344
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7611324175373130344
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 07:52:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7611324175373130344
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 8C66 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 07:51:59 GMT
expires
Mon, 24 Apr 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
241866
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame FEEB
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727404957715
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727404957715
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 07:51:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 24 Apr 2023 07:52:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727404957715
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
image2.pubmatic.com/AdServer/ Frame 8621
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 07:52:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 24 Apr 2023 07:52:00 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
setuid
elb.the-ozone-project.com/ Frame A175 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=CE8F1DBF-5AE5-40B7-AE22-0334C43C06DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bccc3a81c3a0a51-AMS
content-length
0
date
Mon, 24 Apr 2023 07:52:00 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8101
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zo8dv1rlQLeuIgM0xDwG3w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:52:00 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=60562
accept-ranges
bytes
content-length
5554
expires
Tue, 25 Apr 2023 00:41:22 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:52:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 8101 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CE8F1DBF-5AE5-40B7-AE22-0334C43C06DF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.248.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-248-17.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:52:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.214
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 8101
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2534061181
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2534061181
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:59 GMT
via
1.1 google
last-modified
Mon, 24 Apr 2023 07:52:00 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:51:59 GMT
via
1.1 google
last-modified
Mon, 24 Apr 2023 07:52:00 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2534061181
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 8101
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CE8F1DBF-5AE5-40B7-AE22-0334C43C06DF
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NjhpUURadUV6WHJSOWloZklXbENjNnZEdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=634108300491404176&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
HTTP/1.1
Server
3.218.36.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-36-50.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 07:52:00 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 24 Apr 2023 07:52:00 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 8101
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0U4RjFEQkYtNUFFNS00MEI3LUFFMjItMDMzNEM0M0MwNkRG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 07:51:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:52:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8101
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENlPrM0cqCekHGE7k0Yn_3k&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENlPrM0cqCekHGE7k0Yn_3k&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 07:51:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:52:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENlPrM0cqCekHGE7k0Yn_3k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8101 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:52:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 23 Apr 2023 07:52:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8101
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=634108300491404176
42 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=634108300491404176
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 07:51:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:52:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=634108300491404176
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 8101 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Apr 2023 07:52:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=1...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZEY1IPCcGqovDYq9pJN6lgAA%265233
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZEY1IPCcGqovDYq9pJN6lgAA%265233
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:52:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc3ae8e3f0a51-AMS
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 07:52:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZEY1IPCcGqovDYq9pJN6lgAA%265233
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1dc2dc29-e945-4c22-8c5f-01992bc16473
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1dc2dc29-e945-4c22-8c5f-01992bc16473
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:52:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc3b098f60a51-AMS
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1dc2dc29-e945-4c22-8c5f-01992bc16473
access-control-allow-origin
*
date
Mon, 24 Apr 2023 07:52:01 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
elb.the-ozone-project.com/ Frame 6091
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8230516628423329191
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8230516628423329191
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 07:52:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7bccc3b1bac30a51-AMS
content-length
0
expires
0

Redirect headers

Date
Mon, 24 Apr 2023 07:52:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
31.204.152.196; 31.204.152.196; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f623dd4f-c4bb-4c02-8cb8-6f8271b7228f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8230516628423329191
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1682322721561&plid=33554279&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&urlref=https%3A%2F%2Fapple.news%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2275218257341515758790122286036848578529%22%2C%22_scrollIncrement%22%3A2%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A9370%2C%22_trustBar%22%3A5348%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&sref=https%3A%2F%2Fapple.news%2F&sts=1682322712955&slts=0&title=Peel+police+investigating+heist+of+gold%2C+high-value+goods+from+Pearson+%7C+The+Star&date=Mon+Apr+24+2023+07%3A52%3A01+GMT%2B0000+(GMT)&action=_scroll&pvid=11423171&u=pid%3D31784d19269faee54f1bd32a52f21dbd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 07:52:01 GMT
Cache-Control
no-cache
Last-Modified
Monday, 24-Apr-2023 07:52:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
elb.the-ozone-project.com/cdn-cgi/ Frame 6091 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=2f5c1fe5-f043-4a5e-9d1c-ca5fc697f17e&publisherId=TKN100000001&siteId=4204204311&cb=1682322713937&bidder=ozone
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/json

Response headers

date
Mon, 24 Apr 2023 07:52:01 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://elb.the-ozone-project.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7bccc3b23b7b0a51-AMS
SPug
simage4.pubmatic.com/AdServer/ Frame 8101 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 07:52:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmx.districtm.io
URL
https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

275 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| ozonePrebidAdunits function| ozoneLog function| ozoneError object| pbjsFile object| integrationFile object| permutive object| googletag object| __PRELOADED_CONFIG_DATA__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| gs_channels function| Kumulos function| receiveMessage object| dataLayer undefined| url undefined| meta number| _vis_opt_account_id string| _vis_opt_protocol string| _vwo_mt string| _vwo_tm string| g object| vwo_iehack_queue boolean| adBlock string| theStarSAccount object| _comscore boolean| comScoreFirstLoad number| scrollIncrement object| PARSELY function| trackScroll object| referrerHistory function| initTrackingBeacon string| $igniter_var function| $p object| apstag object| blueConicPreListeners function| BCClass object| blueConicClient object| SUBSCRIPTIONS object| SWG function| GaaGoogleSignInButton function| GaaGoogle3pSignInButton function| GaaSignInWithGoogleButton function| GaaMeteringRegwall function| GaaMetering boolean| canRunAds object| pbjs object| adunitCodesProcessed function| auctionRetryer function| getUnrequestedSlots object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt function| pbjsChunk object| _pbjsGlobals object| __LOADABLE_LOADED_CHUNKS__ function| Buffer function| setImmediate function| clearImmediate object| AWS object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| smg object| vfQ object| adobeTokens object| COMSCORE object| ns_p object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in boolean| __bt_already_invoked object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA object| MoatContent function| pbq object| __oovvuuPlayerConfig object| webpackChunkli_browser_client object| default_gsi object| google object| closure_lm_840843 object| bc_json901 boolean| apstagLOADED object| apscustom object| _aps string| GoogleAnalyticsObject function| ga function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s string| keyLinkTrackVars object| pbProcessor function| _typeof function| oovvuuRuntime function| onYouTubeIframeAPIReady object| gaGlobal undefined| google_measure_js_timing number| curY number| curDepthRatio object| gaplugins object| gaData boolean| msgData object| webVitals function| InteractionTypeImpl object| _bcp object| mdc object| userAgent number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| host boolean| __oovvuuLoadBc function| clsn object| dicnf number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc function| $ function| RuleService object| justDetectAdblock function| md5 function| BlueConicMetaDataService object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath string| _this_intIDs string| _page_title string| _this_href string| _this_referrer string| _this_paywallType boolean| bcUrlListenerActive function| bc object| interactions object| dialog object| button object| bc_metercount function| fbq function| _fbq object| bc_datalayer function| theStarLinkClick boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs function| videojsFlash object| videojsFlashlsSourceHandler object| httpStreaming function| videojsPerSourceBehaviors function| videojsContextmenu function| videojsContextmenuUi function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog function| videojsPlaylist boolean| __oovvuuBrightcovePlayerLoaded function| WebVTT function| omrhp object| bc_json903 string| _this_variant string| _this_dialogue string| _this_dialogueId object| bc_json902 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_725651 object| closure_lm_265536 object| closure_lm_386092 object| vttjs object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| campaignData object| TheStar number| auth number| x number| ati number| ki number| tsi function| __d3lUW8vwsKlB__ function| trackFB string| fbPixelId string| pageType string| template string| twitterPixelId string| SiteDomain function| twq string| PinterestPixelId function| pintrk function| jspbGetTypeName function| __an6na521li18__ object| OWQ5ZWM4NmRjNTBkYzJlM2xvYWRlcl9qcw== string| OWQ5ZWM4NmRjNTBkYzJlM2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| twttr string| bingPixelId object| uetq object| GooglebQhCsO string| linkedInPixelId string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| UET function| UET_init function| UET_push object| ueto_4afb11b27d string| redditPixelId string| transactionId function| rdt boolean| _already_called_lintrk object| google_image_requests number| m boolean| pvOccured boolean| pageViewOccured object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| s_i_torontodnnlocal

118 Cookies

Domain/Path Name / Value
z737.thestar.com/DG/DEFAULT Name: BCSessionID
Value: f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69
torstar.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69
.thestar.com/ Name: _vwo_uuid_v2
Value: DE327D472A3D577D836577DA1008F9561|76c9b1c331b6b72ea769ca185131c492
www.thestar.com/ Name: last_visit_bc
Value: 1682322711622
.thestar.com/ Name: bc_tstgrp
Value: 3
www.thestar.com/ Name: AccessToken
Value: idv2lguji8d3os5wzsvywsiw0ims1cnea
.thestar.com/ Name: permutive-id
Value: eb3e6930-0035-49ad-89be-1ac9342d226b
.scorecardresearch.com/ Name: UID
Value: 1056eea4efa15ca421c08221682322712
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/ Name: pxid
Value: edaa267c-234e-414f-940d-32f9381bb71f
www.thestar.com/ Name: userSegmentLogin
Value: false
.thestar.com/ Name: _igt
Value: 58af7795-b517-40af-8b50-53a5d9467524
.thestar.com/ Name: _ig
Value: 5903ee75-6dcc-470b-b218-830068e0ee85
.demdex.net/ Name: demdex
Value: 75254817816889434370125951155054892523
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.viafoura.co/ Name: VfSess
Value: demme3dan9onfqtvsf035qnr7q
.thestar.com/ Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1
www.thestar.com/ Name: _vfa
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.3b008a42-a779-431e-af81-803a2a755dbb.1682322712.1682322712.1682322712.1
www.thestar.com/ Name: _vfz
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.1682322712.1.medium=referral|source=https%3A%2F%2Fapple%2Enews%2F|sharer_uuid=|terms=
www.thestar.com/ Name: _vfb
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.4.10.1682322712....
.thestar.com/ Name: __psid
Value: 1682322712943
.thestar.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html%22%2C%22sref%22:%22https://apple.news/%22%2C%22sts%22:1682322712955%2C%22slts%22:0}
.thestar.com/ Name: s_ecid
Value: MCMID%7C75218257341515758790122286036848578529
.thestar.com/ Name: local_ga_B4CQN4KW3R
Value: GS1.1.1682322713.1.0.1682322713.60.0.0
.thestar.com/ Name: local_ga
Value: GA1.1.1385472192.1682322713
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEY1GQAAANn7lANx
.thestar.com/ Name: _ga_6FZFMVVWVN
Value: GS1.1.1682322713.1.0.1682322713.60.0.0
.thestar.com/ Name: _ga
Value: GA1.2.1385472192.1682322713
.thestar.com/ Name: _gid
Value: GA1.2.840837939.1682322713
.thestar.com/ Name: _gat_UA-70431129-1
Value: 1
.thestar.com/ Name: _gat_UA-73335503-3
Value: 1
www.thestar.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.dpm.demdex.net/ Name: dpm
Value: 75254817816889434370125951155054892523
.viafoura.co/ Name: vfDeviceId
Value: 0a215080-1fa8-42f7-a8b1-926a7221228c
.thestar.com/ Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19472%7CMCMID%7C75218257341515758790122286036848578529%7CMCAAMLH-1682927512%7C6%7CMCAAMB-1682927512%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1682329913s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19479%7CvVersion%7C5.5.0
.www.thestar.com/ Name: ts_s_ecid
Value: MCMID%7C75218257341515758790122286036848578529
.doubleclick.net/ Name: APC
Value: AUJbPO4QP0UVmRWMr17MJUlsAU7LgSfiFByksyGimEviwWAdtzjo
www.thestar.com/ Name: BCSessionID
Value: f1dab5c2-a6b6-4a2b-83f4-6441fb9bee69
www.thestar.com/ Name: selectedPersonalizedCategories
Value: []
www.thestar.com/ Name: personalizedListModeEnabled
Value: true
www.thestar.com/ Name: latestContentTier
Value: 0
.thestar.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=31784d19269faee54f1bd32a52f21dbd%22%2C%22session_count%22:1%2C%22last_session_ts%22:1682322712955}
www.thestar.com/ Name: rememberMeML
Value: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html
torstar.blueconic.net/ Name: AWSALBCORS
Value: vMgYmNRFtLtUzT3OEbJOIPwcUbIqbB1Ljbz2L2Gq9syiZbiQiZA8zH77cH39FhbrInaopwocB5ZSYulVrOGLhAfVRuk5lUvY7mxi+GFZCS+HuVc+d6AxsD86qLJh
.the-ozone-project.com/ Name: __cf_bm
Value: jhqcP9jFiBHg89A0Rzo3OMYkO4DXvO0SEOTpPxaqvlQ-1682322713-0-AW4ZvIfnxeiYdQMJeH5lOjIUmkwTMZppQ9Qo5+d7pVMSTkCOZBjbdta146uW98AzEyTz0GvAo3JokBmx+T+UUFI=
.doubleclick.net/ Name: IDE
Value: AHWqTUluLykZPBfN4TplzClUtQ4p3ZrUiY8SvU-56kfCCIPqFABh-gm6SaSt9s4_hSU
.thestar.com/ Name: __gads
Value: ID=e29aedab8d9c158b:T=1682322715:S=ALNI_MZIjpkYd44fWkmLkIfVVPB2mNu71w
.thestar.com/ Name: __gpi
Value: UID=00000c08ca752816:T=1682322715:RT=1682322715:S=ALNI_MZYJpQR_LXFjNAztUl00eCypT6H4A
.thestar.com/ Name: _fbp
Value: fb.1.1682322716353.1125413480
z737.thestar.com/ Name: AWSALB
Value: D3gDvwoJ8ca+PYrcyFE5BXOSKBG4PD75/jG71fmMuUNUx5jzOHGMT96HfQjIYqKOE7Aol0+Km77WI/4fAD3Syh8+kXUi8Hu3iet7wll6wjSzRRu9zKxfUGVH2A/F
z737.thestar.com/ Name: AWSALBCORS
Value: D3gDvwoJ8ca+PYrcyFE5BXOSKBG4PD75/jG71fmMuUNUx5jzOHGMT96HfQjIYqKOE7Aol0+Km77WI/4fAD3Syh8+kXUi8Hu3iet7wll6wjSzRRu9zKxfUGVH2A/F
.thestar.com/ Name: _gcl_au
Value: 1.1.2009495730.1682322717
.thestar.com/ Name: _uetsid
Value: e2c7e900e27411edb31b6f55bcbe4950
.thestar.com/ Name: _uetvid
Value: e2c81720e27411ed8583317ed0c25b8f
.twitter.com/ Name: guest_id_marketing
Value: v1%3A168232271670443563
.twitter.com/ Name: guest_id_ads
Value: v1%3A168232271670443563
.twitter.com/ Name: personalization_id
Value: "v1_pVIB7E2YBVSzeni/aSKVjQ=="
.twitter.com/ Name: guest_id
Value: v1%3A168232271670443563
.t.co/ Name: muc_ads
Value: 6575a331-5c44-476f-a5c5-eeae939c3798
.bing.com/ Name: MUID
Value: 09DE318B86BC6AE826902376871F6B80
www.thestar.com/ Name: ln_or
Value: eyIzMTE2ODY4IjoiZCJ9
.linkedin.com/ Name: UserMatchHistory
Value: AQLjVL38amjuWQAAAYeyP3ksFv8FefYDdJhH8aotn1gzDS-RueL5HQI4i6b7Kpl0z-JSvcdFkYmBnA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKbh20Q4vwGIgAAAYeyP3ksykw74EJurKMsLjNvWZMN4-tqcnjtj_xBmzFOuqrOXLYQnd8x0bg5z81UXYzEVg
.linkedin.com/ Name: bcookie
Value: "v=2&4b7704ac-49e5-4887-8bb1-132a3544f7ed"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2907:u=1:x=1:i=1682322716:t=1682409116:v=2:sig=AQFP_WkqGDlgXCST4m8s5_nSFUsWayhp"
.the-ozone-project.com/ Name: ozone_uid
Value: 2OrdczlcnZsbI4H2J1fSayWbAAS
.thestar.com/ Name: _pin_unauth
Value: dWlkPU5UTTVZV0U1WTJZdE4yUTRNaTAwWVRNM0xXSTJNbVl0TkRoa09UUXpaVGRoWkRVMg
.www.linkedin.com/ Name: bscookie
Value: "v=1&202304240751570f8f4c18-3200-42b5-851b-8618d78f9fd1AQGp01iBVGWWVGyrPqxnv3XAkf142Z7r"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODIzMjI3MTc7MjswMjGAqDGEgpngpdZ2wKQ28okXIk3MVpSmlWzghrZeBkIh1g==
.thestar.com/ Name: _rdt_uuid
Value: 1682322717234.29c41124-9c04-42ab-88d4-dc4a18ccd4c8
.kargo.com/ Name: ktcid
Value: ac236448-8cf5-0b18-5e43-ef539b8cf0c8
.thestar.com/ Name: s_nr
Value: 1682322717305-New
.thestar.com/ Name: s_nr2
Value: 1682322717305-New
.thestar.com/ Name: s_cc
Value: true
.3lift.com/ Name: tluid
Value: 1938029788449510628412
.bidr.io/ Name: bito
Value: AAGhpU7IjGoAACDtitnEMw
.bidr.io/ Name: bitoIsSecure
Value: ok
.smartadserver.com/ Name: pid
Value: 5488056305867454430
.bidswitch.net/ Name: tuuid
Value: de140195-7cb8-4175-8ca9-69605769dc5b
.bidswitch.net/ Name: c
Value: 1682322718
.bidswitch.net/ Name: tuuid_lu
Value: 1682322718
.openx.net/ Name: i
Value: 36c06017-004c-460f-80e5-adb63d445c5a|1682322718
ads.avct.cloud/ Name: uuid
Value: b9cc33fc-430c-4cb7-8e38-bc7dd0223932
.yahoo.com/ Name: A3
Value: d=AQABBB81RmQCEOGU3YOR3VNvjLWRR2rhbzAFEgEBAQGGR2RQZAAAAAAA_eMAAA&S=AQAAAsPiLQDgNZatUpwI24RNNKQ
.analytics.yahoo.com/ Name: IDSYNC
Value: 19bl~2b9j
match.sharethrough.com/ Name: AWSALBCORS
Value: Ik72DFRZAMS1oWimbLnqAG7QQT5zpAAb3+d3vsO5Xt9cVMeQJh+G+i32y7MOEJvm4Wn8lOejBZoFXcv6U7mVTUrkmWhBvnN9Al/dXCohGqOGP/RgHrfn7eG9+OHu
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CE8F1DBF-5AE5-40B7-AE22-0334C43C06DF
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1683504000%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1683590400%3A35%7C1683504000%3A7_161_56_54_8_220_21_13_46
elb.the-ozone-project.com/ Name: AWSALBTGCORS
Value: nAaBftGG/dUsdTUNc1mdVlo3EvbDBA8F99ZR4uSpy7zRR97oI07GlVWimtwyAK7++nd3v5JGCDCeF4+HNSY6EZiaTAy+eNlLua+I+iqK+vBVJgEsaaR4e27fU7KrWsNPe4fG7mM7e2IUT4ZpHoxXTE+kx1pCCIu9BhtdUnZnLb7jps0iX/U=
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhdm9jZXQiOnsidWlkIjoiYjljYzMzZmMtNDMwYy00Y2I3LThlMzgtYmM3ZGQwMjIzOTMyIiwiZXhwaXJlcyI6IjIwMjMtMDUtMDhUMDc6NTE6NTkuMzcxNDE0NTQ2WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJiZWVzd2F4Ijp7InVpZCI6IkFBR2hwVTdJakdvQUFDRHRpdG5FTXciLCJleHBpcmVzIjoiMjAyMy0wNS0wOFQwNzo1MTo1Ny45MDkzODY1NTNaIiwic291cmNlIjoiY29va2llIn0sImdyaWQiOnsidWlkIjoiZGUxNDAxOTUtN2NiOC00MTc1LThjYTktNjk2MDU3NjlkYzViIiwiZXhwaXJlcyI6IjIwMjMtMDUtMDhUMDc6NTE6NTguNTU4OTg0ODY4WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJvcGVueCI6eyJ1aWQiOiJkY2IyZDA4MS0xMDU0LTRhMTEtYjFiZi1hNTRiZDgzOGFkMmEiLCJleHBpcmVzIjoiMjAyMy0wNS0wOFQwNzo1MTo1OC45MDQ0Mzg2N1oiLCJzb3VyY2UiOiJjb29raWUifSwicHVibWF0aWMiOnsidWlkIjoiQ0U4RjFEQkYtNUFFNS00MEI3LUFFMjItMDMzNEM0M0MwNkRGIiwiZXhwaXJlcyI6IjIwMjMtMDUtMDhUMDc6NTI6MDAuMDQyNjM0NDJaIiwic291cmNlIjoiY29va2llIn0sInNtYXJ0Ijp7InVpZCI6IjU0ODgwNTYzMDU4Njc0NTQ0MzAiLCJleHBpcmVzIjoiMjAyMy0wNS0wOFQwNzo1MTo1OC4xNDkyMDEzMTZaIiwic291cmNlIjoiY29va2llIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMTkzODAyOTc4ODQ0OTUxMDYyODQxMiIsImV4cGlyZXMiOiIyMDIzLTA1LTA4VDA3OjUxOjU3LjQ2NDMwNDA3NloiLCJzb3VyY2UiOiJjb29raWUifSwieWFob29zc3AiOnsidWlkIjoieS1zUHJmYjh0RTJ1SHRjZHJpQ3NsYzdLZE16RTJaazhZSkE1bUxYWGstfkEiLCJleHBpcmVzIjoiMjAyMy0wNS0wOFQwNzo1MTo1OS42MjE3MDU1MTVaIiwic291cmNlIjoiY29va2llIn19LCJiZGF5IjoiMjAyMy0wNC0yNFQwNzo1MTo1Ny40NjQyOTkwOTlaIn0=
.mathtag.com/ Name: uuid
Value: d90f6446-3520-4c00-b8dd-23c5f93891a1
.simpli.fi/ Name: suid
Value: 4C82BFBDF8274A0D989E9F6ECF149DE5
.weborama.fr/ Name: AFFICHE_W
Value: zZYC14hN0yXN43
.quantserve.com/ Name: d
Value: EIIBCwHqKPijAA
.quantserve.com/ Name: mc
Value: 64463520-1722f-07a0c-bef47
.de17a.com/ Name: guid
Value: 1.7611324175373130344
.adform.net/ Name: C
Value: 1
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjcxMLE0NTc3NBXiM9St8CsuTo7IdnIPKXYEAJLeZdklAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkbGRkbmRgaGYIAFYU3TcQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjcxMLE0NTc3NBXiM9St8CsuTo7IdnIPKXYEAJLeZdklAAAA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d90f6446-3520-4c00-b8dd-23c5f93891a1&KRTB&16736-uid:d90f6446-3520-4c00-b8dd-23c5f93891a1&KRTB&23019-uid:d90f6446-3520-4c00-b8dd-23c5f93891a1&KRTB&23114-uid:d90f6446-3520-4c00-b8dd-23c5f93891a1
.adform.net/ Name: uid
Value: 634108300491404176
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559727404957715
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENlPrM0cqCekHGE7k0Yn_3k&KRTB&22987-CAESENlPrM0cqCekHGE7k0Yn_3k&KRTB&23025-CAESENlPrM0cqCekHGE7k0Yn_3k&KRTB&23386-CAESENlPrM0cqCekHGE7k0Yn_3k
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv&KRTB&19420-LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv&KRTB&22979-LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv&KRTB&23462-LtoPIyvbCSU13wwnKogWJS-PC3Y1jF5zLNkmMquv
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7611324175373130344
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-634108300491404176&KRTB&23263-634108300491404176&KRTB&23481-634108300491404176
.pubmatic.com/ Name: PugT
Value: 1682322718
.audrte.com/ Name: arcki2
Value: 68iQDZuEzXrR9ihfIWlCc6vDw!20220908!1682322720377!ip#31.204.152.196
.audrte.com/ Name: arcki2_pubmatic
Value: CE8F1DBF-5AE5-40B7-AE22-0334C43C06DF!20220908!1682322720381
.audrte.com/ Name: arcki2_ddp2
Value: 68iQDZuEzXrR9ihfIWlCc6vDw!20220908!1682322720537
.audrte.com/ Name: arcki2_adform
Value: 634108300491404176!20220908!1682322720691
.casalemedia.com/ Name: CMID
Value: ZEY1IPCcGqovDYq9pJN6lgAA
.casalemedia.com/ Name: CMPS
Value: 5233
.casalemedia.com/ Name: CMPRO
Value: 5233

10 Console Messages

Source Level URL
Text
javascript warning URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html(Line 166)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&random=0.5498965853880013, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.thestar.com/news/gta/2023/04/20/peel-police-investigating-possible-gold-heist-from-pearson.html(Line 166)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F04%2F20%2Fpeel-police-investigating-possible-gold-heist-from-pearson.html&random=0.5498965853880013, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=436380227806?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=436380227806?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
network error URL: https://dmx.districtm.io/s/v1/img/s/101995
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CE8F1DBF-5AE5-40B7-AE22-0334C43C06DF&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
9e840b35f6f10f308b6cfb67106a260e.safeframe.googlesyndication.com
a.audrte.com
aax.amazon-adsystem.com
accounts.google.com
ad-delivery.net
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.nl
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.btloader.com
api.parsely.com
api.permutive.com
api.thestar.com
api.viafoura.co
apple.news
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
btloader.com
c.amazon-adsystem.com
c1.adform.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.petametrics.com
cdn.viafoura.net
cf-images.us-east-1.prod.boltdns.net
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
crb.kargo.com
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmp.adform.net
dmx.districtm.io
dpm.demdex.net
eb2.3lift.com
edge.api.brightcove.com
elb.the-ozone-project.com
engagefront.theweathernetwork.com
events.kumulos.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.viafoura.co
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
images.thestar.com
imasdk.googleapis.com
manifest.prod.boltdns.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
metrics.brightcove.com
news.google.com
oovvuu-logos-prod.imgix.net
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.thestar.com
play.google.com
playback.oovvuu.media
players.brightcove.net
prebid.the-ozone-project.com
prod-oovvuu.akamaized.net
push.kumulos.com
px.ads.linkedin.com
px4.ads.linkedin.com
query.petametrics.com
region1.analytics.google.com
resources.thestar.com
rtb.openx.net
s.pinimg.com
s.thestar.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.app.delivery
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
t.co
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
vjs.zencdn.net
www.apple.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
z737.thestar.com
dmx.districtm.io
104.18.43.178
104.244.42.67
104.244.42.69
108.138.17.82
129.213.64.139
13.107.42.14
13.224.192.181
13.225.78.98
13.248.245.213
13.32.118.153
13.32.121.72
13.32.27.82
13.32.99.95
13.37.25.97
130.211.23.194
142.250.181.230
142.250.184.194
142.250.186.98
146.75.116.157
15.197.193.217
151.101.130.27
151.101.64.84
151.101.65.140
151.139.128.10
172.217.16.134
178.250.1.9
18.194.204.152
18.64.141.78
18.66.100.58
18.66.112.119
18.66.97.82
185.29.134.248
185.64.189.110
185.64.189.115
185.64.190.80
185.80.39.216
185.86.139.93
193.0.160.130
198.47.127.20
2.19.228.187
2.19.229.10
2.19.229.113
2001:4860:4802:32::178
2001:4860:4802:32::36
213.155.156.183
216.52.2.86
2600:1f18:1430:9000:22e9:2dfd:5b04:f57a
2600:1f18:44f0:4851:ca80:f712:6be1:b2f7
2600:9000:20eb:a000:2:53b2:240:93a1
2600:9000:223c:7600:8:2ae1:d740:93a1
2600:9000:2240:f800:16:970:b940:93a1
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:990
2606:4700::6810:3965
2606:4700::6810:7caf
2606:4700::6812:1af
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200d
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:148d
2a02:26f0:480:7a3::3277
2a02:26f0:6c00:1a9::1aca
2a02:26f0:780::210:ca62
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:b0c0:3:d0::be2:3001
2a03:b0c0:3:f0::1bc:5000
2a04:4e42:200::729
2a04:4e42:400::396
2a04:4e42:8d::720
2a04:4e42:8d::84
3.122.78.123
3.125.111.141
3.218.36.50
3.232.207.16
3.71.149.231
34.107.254.252
34.111.129.221
34.120.23.223
34.198.148.95
34.243.208.221
34.250.135.14
34.96.102.137
35.190.14.224
35.204.74.118
35.227.252.103
35.241.9.51
35.244.232.184
37.157.4.28
37.157.6.247
37.252.171.53
51.104.28.77
52.209.248.17
52.212.169.30
52.222.250.70
52.51.135.19
52.51.235.201
54.155.18.159
54.204.6.114
54.220.217.136
54.230.207.225
69.173.144.139
05fde257ab80b3eac2bde1fc720ba59cc6b8ece2e71c675fb72d53231b443109
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0a2b2ceaa373454c394edc9c0286e07f646ea25bdcde919c9e429d8090f14081
0b77efcf68621e95a5382b8d5c47029fd62372d3b64e4d93391962fd75548847
0d922eb3f4953292bd493073c2f3a6a13e59d540427cc51159f32275dc4be38b
0ea9725db1d8a1e59ef939ce91e715c6f58521478ce8254eb75f41ed572499f0
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
152aea92bb7fee90b69c1e0df5c623b6ec5c5967c05579f7146d30142cf5b1cb
1604a5ba0f2f61ff17add24c3796fbf2275d0d70d66dd0ec001a79218f5a3099
17d2cfd578db50914e4001a627bfdb056a3b1a8dbeda689659d3066c38c835ad
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19e40c3dc00fa1e40fc830ff1ca3695df239f8e0191036b5e4a9c8b4ced7b7c5
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c7ce835b837f33da10f5e658bf685e5f37447bc5d0ce97405916690abe61308
1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2187d4835b3410f0adfeafd43e39ca5bb982f80ef6908be2273771a4d2ce3b2a
22bf9917be4dfaf8ae3765bfcaa625d4c1a5c3b795932dc34d32d4a77da3e658
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
2743fd57b0a93463f71b4d21503dbd7d836d1409b28a94f76a0f23a82d676bf5
2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a
28e777b88e72313ccef8f8cd1152683583205300396a5bfeb59bad7008d09a78
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab85c23e889b6b4a5d830f397943064310523ec181319d32a92aca9d9b44e31
2b6c413ffb36ec1caef2d95fd49daf0d4f4cf8cd5683a914f539c5861194f27b
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3215c39c52a4b71e63c0e1fb2d8927c76309ed448dc5f7736dcf12ce3d6a18ff
33bf786b822ca284f7f83360b1dcd310781ee39482e3134503e0424ec94987a8
34b6ba37126323d980521d6674bf8738b230e7cc85df04bf091a0b8e780169a7
35df32aa48d267dde59126c89348fa78fce805d9beb25a3ac5d6d87f7e94878e
364421db3ae91f011e8ee0dbce27c2aa3c3cb12b5f3573afc75ddcf78fc1f692
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
3b35e8a9a0f663e530206b5269949ed035e6204502ba27b74ba8cbf0f75c9051
3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b
3c7e715e692988844c5d06321464a4fe0d34a132e04914975152c442e5ad87e9
3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9
3ee61f18cb2a5e727634616631d4bbcb6721b238ab111cebbc5c379a224da331
3f374ce6ab4d73c3248de8123d28f1018a3fd7b9dce02aa96390f1f2fcfd7515
40fe4912c59338d43f21fda3535750983e21dd2b8b8664b2520d63e821d62c56
413992138f5373560b05464b1b6ef7590d0b4155fba61cb4defb40f5b1b02fea
41973789d2a0467f6a188d20246909324ae148511232fd53f406393a4fc3add1
41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393
4257b59e52b85ce40219fcb866545efe95e90dea3a5ae35db370634d61cc12eb
433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4457f5c4f0c738541cd408ef71b7f9bbd1a19f56387c28b6eb2b6743f87789a0
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
44f0e3bbd7276f0f73ca7f12b97336c06f774d7854745904ba403df248c36877
459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4743d5947000551def54c2e93abe246e0eba712fb3a6fe8d13b9d23a2f143f0d
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4936f78570a923a7e85ea0c70b531c55be1b811804cda22fc0ea27ebd3389a97
49bd5cc239085142e293f889016f2329dfc5e6b96c4974468341c4af12bf343d
4af13c232e471d27b11fe6f727165fd624845123e3cd65bb28164ddb6087493c
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb1431d871d80d4fd51c3ec502d64aed4b1332fc6a0329dc9e4ee2137cb9ddd
4ecf4138d52acb1c51f0bfd59fdbf2f789f5c50e64b7c3096bf991ff2685895e
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
52a7a65dda1d3e7fed364639ad3abc29c98d846a672725e85fb5495c0d4da127
52b3123de7b78e6b47142295712347436d22c0a3d81085916701203557fbce80
52c6b724460d1cc1eef6b6b43f27f26d9f17f392ca2148e0df83f05f3cbc9970
5398c0f9ed0af8a3eec8338635c1e876e3eb1d9fb253523cbfd2aa98709f8a7d
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
557606099fbed4d68ae43d4b37967bf9d38f3db361fff4dc2c17d22b80fd083d
5593812ed51f4f2de527010b8ae1f0fa41ffd0186000b950ee0e30d4690aa442
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
563ef2ed3f9d0f46ac612d268d96164a269cc6e6689d85afbf5d647c4b026334
56c941b1e3f874127b049f1bc080ab30d366f4c89fd577ba60fe027cfaac14a1
57539d9045c52b30160e0aaf179346f370f0bdf53bf1810614ade8f51f8feae5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ac638601f052e0363ac16c73d5de35fa4972f8318ae7c47d7e8c9ee8f1a6f76
5f38fdbb3a0b25f3fbd984e544b8f1cd33252c19757a23dad98582bd498e220d
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
600977c5b7cb98bb6dc74f7d37896a3d662b2881473717c468b52bcbcae4bda5
6118aab3972757bc62c6e4c730c32154718c63b74cffc6c66733af493c730139
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64bbbf1983f512fdd2dafa243aeaa679899c104c5bbc34a816fe0a30f731d916
64eb1841c385edc0225cb4f85b2ea001cc69cccee156dea5d99a28cfacfe9be9
65382ce9001afc2b1481dc893139f55a265dd0dd1f3fb30006f45519cf1176c2
6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9
69fd59381ad8076fac22fa6039e97cdb02a525eacc7a24aa675fc49247581322
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf0de52c3d53c3321b2314dd75bfacb03d04b829cb1cab3b36e7f77b13d4e33
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6d86be2d316299f1fc943672cf342a9fcc79eb0c3d968e1cd1ec4eeb51197752
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
70bac731b6e0fe4fd045f4c4481557ca4616884ca4b3a7729e165360788e9757
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b11bc16ba81355d4be89e3f7d316d9e9dec7c33a43d45c2277b0df713a4ca4
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
7378bb30948ea6502b92a7dcf64fa47052f3e1157f0b5ab48a5c8a047fc03de4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746024136b00b64f983613eb3a4da3f1e54a5971d492909ae4a681ef14c5fa1a
74ac90167fd8dc1ef29e518947d19b122bcc26481aa4c09433f1ece6d2d9244b
781467925932cc8461d6fc15c09bdb55e1fa35393e273e9200eb2c31b0bc2c35
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7970c2c0b7cf26c0a458622c5aa2c6544ed37c873777471adbf45ba73772d77a
7a42dac047c13d30244074e7c1caf24f3c12a5af603c8e15b79b1bb84236dcb5
7adadfc922b9d5c0fb384c2e2bf2043503f1073f7a668d45979e4dc4d1fbb5b3
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c021c5bb27b2d5cb11c9196c92051424b5058518863c9c8b3647907429f54f2
7e41416ea440eee0f014c0435cd770f9350e5aca422cca447aaba8538de0a3c3
7f68b12a3b706772a33cdd69dde7bf711f26a817b1433c5f424fed39cf4c4ab2
81213e09ec09abe060a47d101767ef8f2d2cce6f1212b237541cba0445bf730c
8243d86bc0a0ca16050e56375ae55b7da0d205f48a1b5b18eadf9f20ecf00c9c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83894c8f2086b30672f1f28173248c96c434f79c9aed93683a031a7ccea85cb8
868bc7842890371d6e834cfa57d396d6896114c884761d49286e9deef805da83
88d2f5eb271c5b4eed4a89f99a78276ec41752d5256a486f0bc22bf718972dc9
89da3cdde3e1342c4be9c33c4a8b21ad7efa987154b62490ebf00dc9dddf78b2
89f552ddee3a15ece732cef0cbd8b8968e750d0f044ca5e0815e07abbaf49584
8a1626997b74068b226e4a6a50e235a9af6165233fcb2cd64d935587b3a80091
8bc773263323637207ff0f72f2ebf659e575ab8aa2e354b87d7f72b4b3fd1f7e
8be9902de75306809167ab335f0b7668ac49f809459e6d0ffdcffb8e992aab21
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ebba7e7cedfbf65dadcc6e887797c44a03f27b87f29e1f026b1703e65673ccc
919d92b79fad2c6bdd0a0b50f604503e4c9958ed5486c4aa8a78e1334604fccd
91d061e2c041731885965af44e53c437f51356c5ab62343209b12d8ddf53fdac
920e19d37cc9f294e3dfbb51836a64b7fd0b39d9a3c9e2ab1032450a611c7cab
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
929e98ac32cb3b0bf033c619c2baa6b5b60e0c97bb02712b5aad315ed827a994
92d202859112925404eb2a513fb2f387b1db19d552c7a11f651ad79f4f765465
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
96c119c1e958c16cf0fbb31b28fc27c217eedd73d5016c18b8d97afd5855f190
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
978ddf3ddbf0fe3fb2aa857326a2dc7a202193a10b95b1d011328f162ab6e598
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7
9d8cd3e8e303ad7052efe31a21897655df56b32007f954c6549c7eb52e261045
9e4f18e2de71d9375e38c68a5d38e6b3acb0c034aa55f49617821c7738549f48
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a21c1dccbe0ca669ae912ef34f1ae2fcf2f078e039f5ad2c4b4d35080714ef9f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a533fb8fc558fb13e694ea8429bb52833e36b185fa3e1e7df0728e64db9d9617
a68d2cb711cd9f6098a066f1a89a3d877baf0b54740b05a055ba335ac15eaaa7
a88716b2e48961b771017aef83ad9bdacb13a354dc0b09c62b880e7a2f72d9c6
abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909
abe3aa99e2acf0a113e6de6c4fa0c8c2becb65b2b487cdda05d80696116368ce
ac20608cc1d025b219fa046260079973e0a3e1087a1ef4f52bdc75169425d202
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad5fc1a1f2e9f61750da7c5f657b4555458014b20726b06d78d3d2c1e60ee392
ae3093eed300f9ed677c8ae4b5b98a82975d21959f55913c2b5e166ee21af2fd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afa2d43bc5235e019048bf8eeb242859a5beff1fa165621f8deaa6385b799951
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b0a49610fe25703c8c7eca43b7c2386e7e35e4f60fa379100b885ab8824ac5b4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b59469fc329a12bf75571996952e62a26c196cf7228978ad2f89c9a2c0100f17
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
c01528476711eaa0446515d7ccd143623a1eb7c74d11645f03cd1e86ea63bb8b
c0cf676c86411d53783451c6d11cd8cb4baf3ba19940e588964794ee76d0e5a0
c2ad8c43d3d69e34215d0cc3307f297227c4321bd0a18ab2ae125b4b63a98ed7
c2fc7fa1867c5b5a56ffcf58b5e693cdf18c84b2b9a7b8ff49716dccd1e7f6b9
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c48bc4f01369f91ddac7a973f9c630a8855dc2d58776b0ca5b3afb6d675e80df
c597612667584c18f4a48a5ceb962b4186096ab7e4669adf330743be39208208
c5e8854372e0fa16df0fac640ecf585fed9c077cbe26c179b3523d74437775b9
c784c024de92462b33096f11af31375a2df3976fcf7d5ac3e408ef3a54a8fb37
c881bf5c15b23912d88d3637cf220c6a592a0fc937541e5f1cb3b7977ea4d6eb
cbaf07acd0356b90bb8d0ca983d2d2d19f7a3426e5b89c8cdcd9c9d28193fca8
cceaafb7322383a542c0498b2204814a1bbc330cd3d905a1128d115053aa51c3
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d23c9b5fcabffe2bbb0e18f365a6cb8b6546de740e852f2ea2d93d2b950fb264
d34702699b46f7a599791846b4fd48bf01d918c6b8104a7b9bc69980ba85623e
d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25
d3ea5fb736ebfad6afd3dffd9bd814d6c339b0e1c6214299eeea754b9c04d6ce
d409a21c747e19fee3bba5338ec32eb372849efc6cf092b8a1356c65285b9010
d531f1d55518addc069760f406f8b796990a26863b1b7f6af53e2de536807c04
d5a919f8c241f0d153924d5117061c41ba6e3b0e0ecc5c7efe89ad78c0c51a77
d5afa5c45d8f35e3899961359c93302ff03b0d9f119875a8e6cede9f39abf2f2
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dd89bed782a8ac641c28addf662568a121a3ad2eaeb37ba3fc8c8b544f277b11
de4bf3cac42279a6a7122862e2b3d52282677fbdc7cf636c7e0e8f4852b21704
dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112
df3ca84182bb66d2d913421e1c5142c9a4e180bf57c6102446d871f2e188c844
df3d837188427a952cf3fe8f11ff624126b6ebba83aae12346f8a9e1439d06a2
df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241
e042cededb3611a862a4da9e3a6d30949a31e6b595c724d327f14d8a44956742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41610c9babb56728df65b3b38eab8076c5d774fa9baf5fb66fd8b3de800a8bf
e9b619d0dd6694a9e98ff52d8f82d804838476f0dc2911be8c008097ac3061f1
ea6197dc39b617396538503ee3dfc3d77ee347220eb447f1067f3a872bbdd4ff
eaee853d839d640d5a3e87fc0fabf43e4c8b747b9ccc7460d55bb9f2647ab2e2
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
edfa080e61a0b68b004df660218c31d4d4faffb9d5b2f8f0a5ccf4e0843f5eb4
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
eef44e6fcbb9fe6c4410e5af271f17004ceb9ecfd0a13badac3b5033c22df1db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13c139d48dadf2a0c42bc0d21525dcc27989bb3a4181b1d4d972e54c8a20b63
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
f4d9efd3c46da657777d181f8f9fe84471736099b72352eecfc9db11e25e516a
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7160fe443d32f0e4578d3ab5416de8c267289613297a2d9dbcc75733425dc69
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f8558f2c5daeffb0e4ddb7606322a769a36bf05e65ce8c647bb5c4a422245f37
f965edac88af0f6256b829edf6d96a291528b0a17122b51a104d05662013ad53
fc202e8e597449bb646e44edef0e21113afa0e0dc2206c3de54a96ae36b91b6d
fe477e3dc74c39f58277bb9cbcf3480b0e3a0fb5933e9fe365a5de81115baa9e
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
ff80676b83edc22ffea1a236b6cdbc8c9b27ce38d13b00033f6a1375fa3df377