www.thestar.com Open in urlscan Pro
13.32.27.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On February 20 via manual (February 20th 2023, 3:26:30 pm UTC) from US — Scanned from DE

Summary HTTP 458 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 95 IPs in 11 countries across 78 domains to perform 458 HTTP transactions. The main IP is 13.32.27.112, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 49439.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 27th 2022. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	99.86.4.121 99.86.4.121	16509 (AMAZON-02) (AMAZON-02)
6 60	13.32.27.112 13.32.27.112	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21d... 2600:9000:21d5:3400:16:970:b940:93a1	16509 (AMAZON-02) (AMAZON-02)
21	18.66.112.68 18.66.112.68	16509 (AMAZON-02) (AMAZON-02)
1 8	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
24	13.32.110.88 13.32.110.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	144.21.37.35 144.21.37.35	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
11	18.66.15.53 18.66.15.53	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.226.39.112 34.226.39.112	14618 (AMAZON-AES) (AMAZON-AES)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.84.139 65.9.84.139	16509 (AMAZON-02) (AMAZON-02)
11	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	23.203.125.127 23.203.125.127	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.83.4.234 104.83.4.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	13.32.110.118 13.32.110.118	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.84 18.66.147.84	16509 (AMAZON-02) (AMAZON-02)
1	18.65.40.206 18.65.40.206	16509 (AMAZON-02) (AMAZON-02)
1	18.66.17.43 18.66.17.43	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	54.230.111.210 54.230.111.210	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
29	2a02:26f0:dc:... 2a02:26f0:dc::6853:411	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
15	104.18.43.178 104.18.43.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
2	52.208.136.62 52.208.136.62	16509 (AMAZON-02) (AMAZON-02)
20	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:b0c0:3:d... 2a03:b0c0:3:d0::be2:3001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a03:b0c0:3:f... 2a03:b0c0:3:f0::1bc:5000	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
1	34.241.134.204 34.241.134.204	16509 (AMAZON-02) (AMAZON-02)
2	15.236.117.205 15.236.117.205	16509 (AMAZON-02) (AMAZON-02)
1 1	52.208.37.125 52.208.37.125	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.37 143.204.215.37	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
6 26	2a02:26f0:dc:... 2a02:26f0:dc::6853:429	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.23.223 34.120.23.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
12	2a02:26f0:dc:... 2a02:26f0:dc::6853:423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1f18:143... 2600:1f18:1430:9001:19d6:7df1:3355:8814	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:dc:... 2a02:26f0:dc:384::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:230... 2600:9000:2304:9e00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	23.62.220.203 23.62.220.203	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.10.16 13.32.10.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
3	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.70.39.209 3.70.39.209	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.1.21 52.57.1.21	16509 (AMAZON-02) (AMAZON-02)
1	3.124.74.224 3.124.74.224	16509 (AMAZON-02) (AMAZON-02)
2	23.203.124.192 23.203.124.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 2	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
4 4	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
3 3	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.201.96.126 35.201.96.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	18.197.178.152 18.197.178.152	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	52.30.244.165 52.30.244.165	16509 (AMAZON-02) (AMAZON-02)
1	54.75.223.203 54.75.223.203	16509 (AMAZON-02) (AMAZON-02)
1 1	37.157.3.30 37.157.3.30	() ()
1	198.47.127.20 198.47.127.20	() ()
2 2	54.170.158.38 54.170.158.38	() ()
1	69.173.144.138 69.173.144.138	() ()
2 2	35.227.252.103 35.227.252.103	() ()
2 2	18.156.0.31 18.156.0.31	() ()
1 1	185.86.138.154 185.86.138.154	() ()
458	95

1 99.86.4.121 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-121.fra6.r.cloudfront.net

thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 13.32.27.112 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-112.fra56.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21d5:3400:16:970:b940:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.66.112.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-68.fra56.r.cloudfront.net

z737.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:802::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 13.32.110.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-88.vie50.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:af (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.21.37.35 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.66.15.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-53.vie50.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:890 (United States)

ASN13335 (CLOUDFLARENET, US)

static.app.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.39.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-39-112.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-84-139.ams1.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.203.125.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-127.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.83.4.234 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-234.deploy.static.akamaitechnologies.com

w4o7aea80ss3-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.110.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-118.vie50.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-84.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.40.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-40-206.ams1.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.17.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-43.vie50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.111.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-111-210.osl50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:26f0:dc::6853:411 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.136.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-136-62.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7daf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:b0c0:3:d0::be2:3001 (Colmar, France)

ASN14061 (DIGITALOCEAN-ASN, US)

push.kumulos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:b0c0:3:f0::1bc:5000 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

events.kumulos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.134.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-134-204.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.117.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.37.125 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-37-125.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-37.fra53.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:26f0:dc::6853:429 (Vienna, Austria) 6 redirects

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com

engagefront.theweathernetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:dc::6853:423 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:1430:9001:19d6:7df1:3355:8814 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pixel.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:384::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:9e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.62.220.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.10.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-10-16.vie50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.70.39.209 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-39-209.eu-central-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.1.21 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-1-21.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.74.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-74-224.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.5.141 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.20.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.170.64 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.178.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-178-152.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.244.165 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-244-165.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.223.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-223-203.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (None, ) 1 redirects

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.158.38 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (None, ) 2 redirects

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (None, ) 1 redirects

ASN- ()

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
127	thestar.com 7 redirects thestar.com — Cisco Umbrella Rank: 40411 www.thestar.com — Cisco Umbrella Rank: 49439 z737.thestar.com — Cisco Umbrella Rank: 238484 images.thestar.com — Cisco Umbrella Rank: 97257 resources.thestar.com — Cisco Umbrella Rank: 172681 misc.thestar.com — Cisco Umbrella Rank: 687139 s.thestar.com — Cisco Umbrella Rank: 254956 api.thestar.com — Cisco Umbrella Rank: 277426 pixel.thestar.com — Cisco Umbrella Rank: 319470	3 MB
67	sportradar.com 6 redirects widgets.media.sportradar.com — Cisco Umbrella Rank: 52648 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 68272 img.sportradar.com — Cisco Umbrella Rank: 49992	779 KB
32	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 5813 region1.analytics.google.com — Cisco Umbrella Rank: 4596 play.google.com — Cisco Umbrella Rank: 21 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	145 KB
26	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186 ad.doubleclick.net — Cisco Umbrella Rank: 164 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 331446 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	216 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137	134 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com	829 KB
21	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 10047 query.petametrics.com — Cisco Umbrella Rank: 10690	73 KB
18	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 15975 elb.the-ozone-project.com — Cisco Umbrella Rank: 7673	83 KB
11	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 731 simage2.pubmatic.com — Cisco Umbrella Rank: 657 image2.pubmatic.com — Cisco Umbrella Rank: 882 aud.pubmatic.com — Cisco Umbrella Rank: 4580 simage4.pubmatic.com	26 KB
10	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 46303	28 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 436 px.moatads.com — Cisco Umbrella Rank: 506	56 KB
8	kumulos.com push.kumulos.com — Cisco Umbrella Rank: 158106 events.kumulos.com — Cisco Umbrella Rank: 101452	6 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	501 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6232 adservice.google.de — Cisco Umbrella Rank: 9006	2 KB
6	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 590 cm.adform.net	3 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 477 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 936	59 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4583	113 KB
5	permutive.com api.permutive.com — Cisco Umbrella Rank: 1827	815 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 359 www.linkedin.com — Cisco Umbrella Rank: 567 px4.ads.linkedin.com — Cisco Umbrella Rank: 6448	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2200	1 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 802	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 368	12 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 785	3 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 199 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 213367	5 KB
3	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2558 p1.parsely.com — Cisco Umbrella Rank: 1932	26 KB
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 780 api.btloader.com — Cisco Umbrella Rank: 864	7 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	879 B
2	openx.net 2 redirects rtb.openx.net	672 B
2	avct.cloud 2 redirects ads.avct.cloud	996 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 514	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 337	797 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	529 B
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 4037	1 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 2520 mwzeom.zeotap.com — Cisco Umbrella Rank: 2360	832 B
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 25431	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4255	562 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	967 B
2	360yield.com 2 redirects ad2.360yield.com — Cisco Umbrella Rank: 15361	682 B
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1360	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 738	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	234 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	177 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	74 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 869	1 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 147	2 KB
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 272314	2 KB
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com	357 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1537	162 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1763	360 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 726	611 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 643	589 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 683	363 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	725 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 515	35 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 591	277 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 929	6 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 270	30 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1525	157 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 617	725 B
1	t.co t.co — Cisco Umbrella Rank: 522	378 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 824	376 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1390	8 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 729	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 623	15 KB
1	theweathernetwork.com engagefront.theweathernetwork.com — Cisco Umbrella Rank: 1804	309 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1029	517 B
1	akamaihd.net w4o7aea80ss3-a.akamaihd.net — Cisco Umbrella Rank: 832054	274 B
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 78112	789 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 275210	394 B
1	app.delivery static.app.delivery — Cisco Umbrella Rank: 51958	32 KB
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 217667	505 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 212041	132 KB
0	districtm.io Failed dmx.districtm.io Failed
458	78

	Domain	Requested by
60	www.thestar.com	6 redirects www.thestar.com
29	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
26	uswidgets.fn.sportradar.com	6 redirects widgets.media.sportradar.com www.thestar.com
24	images.thestar.com	www.thestar.com
21	z737.thestar.com	www.thestar.com z737.thestar.com
20	query.petametrics.com	www.thestar.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	www.gstatic.com	news.google.com www.gstatic.com www.google.com
15	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com static.cloudflareinsights.com
12	img.sportradar.com	www.thestar.com
11	www.google.com	www.thestar.com www.gstatic.com www.google.com tpc.googlesyndication.com 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
11	resources.thestar.com	www.thestar.com resources.thestar.com
10	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
9	play.google.com	www.gstatic.com
8	px.moatads.com	www.thestar.com
8	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
8	news.google.com	1 redirects www.thestar.com news.google.com www.gstatic.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.thestar.com securepubads.g.doubleclick.net
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	c1.adform.net	4 redirects ads.pubmatic.com
5	googleads.g.doubleclick.net	www.googletagmanager.com 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	www.google.de	www.thestar.com
5	fonts.gstatic.com	fonts.googleapis.com www.thestar.com
5	misc.thestar.com	www.thestar.com misc.thestar.com
5	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
4	cm.g.doubleclick.net	4 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	events.kumulos.com	static.app.delivery
4	push.kumulos.com	static.app.delivery
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	pixel.onaudience.com	3 redirects
3	googleads4.g.doubleclick.net	ad.doubleclick.net googleads.g.doubleclick.net
3	ct.pinterest.com	s.pinimg.com www.thestar.com
3	bat.bing.com	www.thestar.com bat.bing.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	unpkg.com	2 redirects www.thestar.com
3	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
3	ib.adnxs.com	2 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
2	ups.analytics.yahoo.com	2 redirects
2	rtb.openx.net	2 redirects
2	ads.avct.cloud	2 redirects
2	match.prod.bidr.io	2 redirects
2	eb2.3lift.com	2 redirects
2	match.adsrvr.org	ads.pubmatic.com elb.the-ozone-project.com
2	visitor.fiftyt.com	2 redirects
2	loada.exelator.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	ads.pubmatic.com	elb.the-ozone-project.com ads.pubmatic.com
2	x.bidswitch.net	2 redirects
2	ad2.360yield.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	adservice.google.com securepubads.g.doubleclick.net
2	adservice.google.com	10230056.fls.doubleclick.net securepubads.g.doubleclick.net
2	px.ads.linkedin.com	2 redirects
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	www.facebook.com	www.thestar.com
2	connect.facebook.net	z737.thestar.com connect.facebook.net
2	api.thestar.com	www.thestar.com
2	p1.parsely.com	www.thestar.com
2	region1.analytics.google.com	www.googletagmanager.com
2	s.thestar.com	resources.thestar.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	api.btloader.com	btloader.com
2	fonts.googleapis.com	misc.thestar.com client
2	www.googletagservices.com	www.thestar.com 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
2	ad.doubleclick.net	www.thestar.com
2	ad-delivery.net	www.thestar.com
2	sb.scorecardresearch.com	www.thestar.com
2	torstar.blueconic.net	z737.thestar.com
1	ssbsync-global.smartadserver.com	1 redirects
1	pixel.rubiconproject.com	elb.the-ozone-project.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	cm.adform.net	1 redirects
1	rtb.gumgum.com	elb.the-ozone-project.com
1	crb.kargo.com	elb.the-ozone-project.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	match.sharethrough.com	elb.the-ozone-project.com
1	ap.lijit.com	elb.the-ozone-project.com
1	static.cloudflareinsights.com	elb.the-ozone-project.com
1	s0.2mdn.net	14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	alb.reddit.com	www.thestar.com
1	analytics.twitter.com	www.thestar.com
1	t.co	www.thestar.com
1	px4.ads.linkedin.com	www.thestar.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	www.redditstatic.com	www.thestar.com
1	snap.licdn.com	www.thestar.com
1	static.ads-twitter.com	www.thestar.com
1	pixel.thestar.com	connect.facebook.net
1	engagefront.theweathernetwork.com	www.thestar.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	w4o7aea80ss3-a.akamaihd.net	www.thestar.com
1	z.moatads.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	static.app.delivery	www.thestar.com
1	torstar.gscontxt.net	www.thestar.com
1	btloader.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
1	thestar.com	1 redirects
0	dmx.districtm.io Failed	elb.the-ozone-project.com
458	122

This site contains links to these domains. Also see Links.

Domain
pubads.g.doubleclick.net
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2022-09-27` - `2023-10-19`	a year	crt.sh
*.the-ozone-project.com Amazon	`2022-11-22` - `2023-12-20`	a year	crt.sh
z737.thestar.com Amazon RSA 2048 M01	`2023-02-06` - `2024-03-06`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-01-11` - `2023-04-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-05` - `2023-08-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.prmutv.co R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2023-02-13` - `2024-03-16`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
cdn.liftigniter.com R3	`2022-12-28` - `2023-03-28`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
widgets.media.sportradar.com R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2022-11-16` - `2023-12-18`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.liftigniter.com R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.kumulos.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-03` - `2023-06-02`	a year	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
fn.sportradar.com R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
engagefront.theweathernetwork.com GTS CA 1D4	`2023-01-04` - `2023-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-29` - `2023-02-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
img.sportradar.com R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
pixel.thestar.com Amazon	`2022-06-08` - `2023-07-07`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: 5FEF3C7ABE893A09B70512EA949640BD
Requests: 334 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
Frame ID: 8BE1A49341A616EFCCBB763293ED76AD
Requests: 7 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=465807&publicationId=thestar.com
Frame ID: E8DD81F56236E04D93B2F9F1C047C16F
Requests: 15 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 3B180A63E076C27462182451A2F9474B
Requests: 1 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: 8C73244AD7FFB5F5E4CCCA1B3E71AAFC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3s5xfv5zslyy
Frame ID: 68F169796F8DD7653381805043572EC2
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 100B1F24448C7DC1277625C4DDE72908
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: AC8543C1B8B0347EDE5A4F557643D36F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
Frame ID: F9D91D24C4F565A759C9D4854D61CAD6
Requests: 12 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: 143ABF60B1F1EC85675FC5DEDE41E2D9
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 733A56B9B69E0974AC923F0AD0C47008
Requests: 1 HTTP requests in this frame

Frame: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 57A3EB4D181EF47C4C87B4493BE11942
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A616502096B7EF7BFF6F338B5B3F5DE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5655821415BEBBA1AFE4E895468B8DE
Requests: 2 HTTP requests in this frame

Frame: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7AA0D56ED77EA02B7309CF90C3800235
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMClKRCYniwYwsDMyQEwAQ&v=APEucNWqrLZnzXWywvtwDelBkJrRbfdqxF9x_VfDzxGhvCDDcuqmGDcs3EgzbaX5O3jT74xzuPPNi0-z7_7i7Xk08kZX_cpwjA
Frame ID: C2D273ED337C4D0B6FCE6114D609EDCF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E7DE62FDE07BCEA0CC9073BB4527D55
Requests: 3 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Frame ID: 740C86263BD967B62B58CEDBBC53D09B
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 9D77353FA9D63C63E6B271EFF5D12246
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent=
Frame ID: D9D2C87656DA73A66DC9FB49EE04BA1D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ca5c63f3-911c-4300-ba73-952057127f2e&gdpr=0&gdpr_consent=
Frame ID: 88E8A51E87FC35EA3FCD548C81F25D12
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3197821246071138637
Frame ID: FD0BAA3F9638F1EE5176551DA6EABAD3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BA1F6E166DB019E7C65A5F1E4AFE5D33
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j
Frame ID: B80F5E9E2C7296A3A50CE1B6B51579C7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 1DB812171B808C9286BB8B877788174C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Toronto Star - Breaking News, Toronto News, Ontario News, Canada News

Page URL History Show full URLs

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

458
Requests

93 %
HTTPS

37 %
IPv6

78
Domains

122
Subdomains

95
IPs

11
Countries

6409 kB
Transfer

19824 kB
Size

115
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5985467267&iu=/58580620
Title: Sports Betting

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://news.google.com/swg/_/ui/v1/serviceiframe?_=465807&publicationId=thestar.com HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=465807&publicationId=thestar.com

Request Chain 107

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@3.1.1 HTTP 302
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

Request Chain 129

https://cm.everesttech.net/cm/dd?d_uuid=85162769379038516740642783550609639822 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ORFgAAAGFpMwMx

Request Chain 193

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

Request Chain 194

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

Request Chain 195

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

Request Chain 196

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2 HTTP 302
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

Request Chain 197

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 265

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543759 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543759

Request Chain 267

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543761 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543761

Request Chain 269

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543765 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543765

Request Chain 271

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543763 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543763

Request Chain 273

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543769 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543769

Request Chain 275

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543767 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543767

Request Chain 321

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 327

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1676906775695&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1676906775695%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1676906775695&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1676906775695&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQJniVU4pJTmRgAAAYZvbsYNNpTIzcCQXPeAC2lr5ivKt6xeil5ahqxPkcJiozqCR3Lq4eN3OBlPRA

Request Chain 410

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y-ORGUw74oFXcWM-xQ7DSgAA%261111

Request Chain 411

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=51117e19-2a2d-4df3-ad57-13bffc337c0e

Request Chain 412

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=a3c28f38-4a03-46aa-b9e0-fdbb6b3e9bcf

Request Chain 421

https://c1.adform.net/serving/cookie/match?party=14&cid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent=

Request Chain 422

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ca5c63f3-911c-4300-ba73-952057127f2e&gdpr=0&gdpr_consent=

Request Chain 423

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3197821246071138637

Request Chain 425

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j

Request Chain 426

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 427

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z1__UAIJTiOQbG-7IaXFrg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 428

https://pixel.onaudience.com/?partner=214&mapped=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=50996431e2ccfb0c2d05aad2df8b7ead&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4113222612538765400&gdpr=0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=a3e759d2ae5a1dde HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a61ac48-bc6c-4f08-5ab8-c0c10a2014fa&reqId=3761490d-2ab5-4c16-550d-925043b5163d&zcluid=a3e759d2ae5a1dde&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESENo6bhSlrrF3o6jlIb-fusk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a61ac48-bc6c-4f08-5ab8-c0c10a2014fa&reqId=3761490d-2ab5-4c16-550d-925043b5163d&zcluid=a3e759d2ae5a1dde&zdid=1332

Request Chain 429

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&addseg=19,36,42

Request Chain 430

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0Y1RkZGNTAtMDIwOS00RTIzLTkwNkMtNkZCQjIxQTVDNUFF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 431

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKSQMhbLNEyEtr0-ca_gIg4&google_cver=1

Request Chain 433

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4113222612538765400

Request Chain 437

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2429126952906232347629

Request Chain 438

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AANrHk7H5yIAAB_KelGEnQ

Request Chain 439

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6974417782864804037

Request Chain 442

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=4113222612538765400

Request Chain 444

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=4f57c715-d486-443e-aa34-b35cc3bfc599

Request Chain 447

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=49730007-eca2-4c3e-a5c1-9015e3b99b75

Request Chain 448

https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID&verify=true HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-pTKdIElE2uEjD8xjGMYllq6Qyr5b9mUbtTP1i_c-~A&gdpr=0

Request Chain 449

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8806904490401849057

458 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

596 KB
102 KB

179ms
178ms

Document
text/html

13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

e1d04f2f640f20921d1bc729816fb34af95ff85a32540fe728b90ca3c7f547b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Feb 2023 15:26:12 GMT
etag: W/"94f60-2Llc7NKUb7xTnEBrio5ezRFbLWQ"
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
vary: Accept-Encoding
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-id: b35lXR7xMK-Hr31u7irGEuXCkYk9YjRutbkzGAtl8FWvi3BI2wL4gQ==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

content-length: 0
date: Mon, 20 Feb 2023 15:26:11 GMT
location: https://www.thestar.com/?redirect=true
server: CloudFront
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-id: KHqc37pdS1pX76QxirBBKBME-10Ws3iE_pfhjBnARYsRb94u50yrMA==
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
16 KB 39ms
38ms Font
font/ttf 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:28:00 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 7092
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"6028-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: gSaJ5REBNa37yc2hpOELAIfOP5jyUXZaQitSiOEBVdliKYji-MdOOQ==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 55ms
52ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:10:17 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 955
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"478c-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: PKfzjdVLAooW3IvWJ9Sj6X6_5YqgHVg2h_eNQ17QpJgdheHviZypIg==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 94ms
91ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:10:17 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 955
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"4764-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: Pi5v5xmI2HyOrBUVzIa6CEWaNMW7K_vSLC_ZAJ3qa6OtHj3C_y9c4A==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 86ms
84ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:04:52 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8480
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: sZtAmihmSHL92VF5QNAqsmCJHCgKZBQjRGbNrKQNIVKQe97kILmUlw==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 73ms
71ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:09:45 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 987
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"4930-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 7khFU1BLRNnKP8CxmC2n4P-S-31cC5k09_JbVhtM7HzQRmSj5LHEVQ==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 88ms
86ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:21:37 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 275
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: RxB8wmx2tG-zFmpQ6pf0rEw6d98VOIFOIw9bRyp_efS6tPusH82Deg==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 81ms
79ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:09:45 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 987
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"d1a0-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: tofpyBCBQKpmLrwfO7rDzukJwmSjqCd5kj6d1Gxnwekkl4FJo5zW4Q==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 41ms
39ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:09:45 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 987
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 1QcGNQsnoKezb5PfhMLk25CiN9K0owZlSF1NVQYmlGBsqfBadzXmPg==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 62ms
61ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:10:17 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 955
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"d610-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: LkyP3HRvPa3j4piWnA_T9Nus61mlHXekU7b4gieQdib0Efx6Qy1qBA==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 93ms
92ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:09:45 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 987
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"d420-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: JvrE_D9hG0FvfEJ6ysZ6HsAnCI25jYcaBaSB0rTWjtSWsDqb1WhLfA==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
2 KB 402ms
118ms Script
application/javascript 2600:9000:21d5:3400:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d5:3400:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 09:42:40 GMT
content-encoding: gzip
via: 1.1 807adc5f317528439570900eb8e6c384.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 02:13:55 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C2
age: 21108
etag: W/"47ec15276ab051ddd124dd65b61efb8f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: KYbpI60qS3Ej8gOWS5G0a9q6E9G9Tynksoafpimj1wjDm49lLRroWw==

GET
H2 200 script.js Show response
z737.thestar.com/ 138 KB
41 KB 95ms
24ms Script
text/javascript 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

1db8541b79fb3e93f496105e6e8988bf7659abdda6b1ddfc32447f1d8f9cf4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 376
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41794
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Feb 2023 15:19:46 GMT
server: -
etag: 50a5e5c81d4f9e530c96daff05be612c
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: VZpDukmNoYbWXapybcfTKU8sRHThXTtdqQvYwKQE1NueLFDQrRdfLA==
expires: Mon, 20 Feb 2023 15:29:55 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 160 KB
49 KB 131ms
32ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4429462b2374dfd8d837655d998c6e810ad666e1dff34cce0ba81ad61b712857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49882
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 16:20:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 15:54:18 GMT

GET
H2 200 biz_smart_money20_web.jpg
images.thestar.com/NyyEP9vMncwz_l3Qd1Lcoki0TYU=/0x0:956x637/114x76/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/2023/02/20/reverse-mortgages-are-... 2 KB
2 KB 128ms
30ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/NyyEP9vMncwz_l3Qd1Lcoki0TYU=/0x0:956x637/114x76/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/2023/02/20/reverse-mortgages-are-on-the-rise-but-are-they-the-right-choice/biz_smart_money20_web.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f2a2efd979c02c7dc9bf76722c748064e7bf0006672b953aa300bb7d7b4a5cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:37:48 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 10104
etag: "f9c298a09698d96099a3a19c9f81d3e51c71f03c"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2146
x-amz-cf-id: phCSbEmU_USFFXNmz3na6-mUoqA4b-INBbs6c6gUm5jhDFVV0FrReQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 74.css
www.thestar.com/static/ 6 KB
3 KB 23ms
22ms Stylesheet
text/css 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 15:31:18 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 86094
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 19:49:26 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"19a0-186569fe970"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: dkFqZIJKDzwWTgDE3grfaxXHX0_bf8i6hE1Dv7AmMYxal7DGiVC-Dw==

GET
H2 200 bundle.css
www.thestar.com/static/ 405 KB
62 KB 61ms
61ms Stylesheet
text/css 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

72a78d500aacaed9ea84c52c9d91f149a0b463d45850b342c048e455efcf180c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 15:31:18 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 86094
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 19:49:26 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"655c0-186569fe970"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: 8-iAWa6puke-GoGe3MjPSGmL2BevGrIuhFNygaKmWx-6WYXYvJJmVQ==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 432 KB
132 KB 120ms
47ms Script
application/javascript 2606:4700::6812:af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd353d3cb4c4bc3fcc11e7f27efc692854c9393d6221271b3aef3385ad6293c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:12 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 0
x-guploader-uploadid: ADPycdtX7eOC2TUl8xUDK7inC0RjW1GmmzR3MvLr5QrA3TzX4u7OTPmxo2YJulhJvo_AGDvDT_KinA8-0QbpnnRR5P24x7xtOnsY
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 14 Nov 2022 10:17:23 GMT
server: cloudflare
etag: W/"8f00ae526705181d9b929b25770b0584"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1668421043825607
content-type: application/javascript
x-goog-hash: crc32c=wf3MGw==, md5=jwCuUmcFGB2bkpsldwsFhA==
cache-control: public, max-age=900
x-goog-stored-content-length: 139051
timing-allow-origin: *
cf-ray: 79c84261d88939ec-FRA
expires: Mon, 20 Feb 2023 15:41:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 214ms
102ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

852711ee8cd6e8c26f1f29118fa19e029e260980f3db7fd4979a7e070a58f8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26544
x-xss-protection: 0
server: sffe
etag: "1488 / 569 of 1000 / last-modified: 1676675148"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
496 B 22ms
21ms Script
application/javascript 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:07:25 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 11927
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Wed, 15 Feb 2023 19:42:23 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"16-18656997518"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: M9EH0NljY7daRn-nW-8JbHjOEq90mrxxg3i-rmMi5zqY3Scp6_KhkA==

GET
H2 200 tag Show response
btloader.com/ 14 KB
7 KB 92ms
38ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c562b8b442350f327120f26c201ebf8f9e7101bbd7432506be9003181513814e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 14:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2353
etag: W/"9ffb53c6ca9a6f49c8c0ebf6f5ca015a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BA9Ry1%2FjGwV3aAWIIVop1q9eJtXokL%2FIHScq5ZrSeCeuoA13tjiXghtzBXiyvRGppxDAo8ImFSQDzQIP8LkIvxGhYOkzz3YrRrtkQkDE6J08zlwZn%2FM%2BrIl%2BvG9PoTyvqY6dVlE1RJ43w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 79c84263f9a99b9e-FRA

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 64ms
63ms Image
image/svg+xml 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:10:32 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 941
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 19:42:23 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"1df3-18656997518"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: lUQsePVbfqOD03YpRYXhQAymjNqLWfEpKxnStK9EtqkpgeqHPTeo2A==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 50ms
45ms Image
image/svg+xml 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:10:32 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 941
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Wed, 15 Feb 2023 19:42:23 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"24d-18656997518"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: QfeFlxN0dUUOoljYa9x6gvGSuFkSiB4VMq-E3U-z9VnFeEF1XyCcNA==

GET
H2 200 biz_smart_money20_web.jpg
images.thestar.com/mIMeqNE9Mrxz2aQoF705oImjg3c=/0x0:956x637/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/2023/02/20/reverse-mortgages-are... 45 KB
46 KB 39ms
35ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/mIMeqNE9Mrxz2aQoF705oImjg3c=/0x0:956x637/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/2023/02/20/reverse-mortgages-are-on-the-rise-but-are-they-the-right-choice/biz_smart_money20_web.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5125a55eb763836951e1ecd81a60376a5c3bad8cdf20c648d20838e82f2580fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:37:48 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 10105
etag: "d89a47999bb5119c4feecb99f32d0325b52c64d4"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 46318
x-amz-cf-id: DZfCVr0aRnYcwPKhHNIGMtjLHNkgyj99JeboCVrI6OOyb5bovhAq9Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
483 KB 25ms
21ms Script
application/javascript 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

fac0d95e16adbd3691bdffcd95acb20683694c19f1607b131f4b943465143623

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 15:31:19 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 86094
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 19:49:26 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"1b07b1-186569fe970"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: AnmS9HYdMB2ZdMLDPR5L_LY-TD3GyoMv8lj1EKAft1E4rSTCe8wTSg==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
248 KB 38ms
35ms Script
application/javascript 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=ae70b922

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

22824dc0ec1facd07218e85b2dd3a0d8767392018c5f06a28002ef329b5322b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 15:31:19 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 86094
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 19:49:26 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"13e63f-186569fe970"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: 89Dys8aIzwDqBY0WkLD2xV_wyFZQ4Qt5X0Z7Xq-Zu9SHDZvfZ19V0A==

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 203 KB
63 KB 141ms
137ms Script
application/javascript 2600:9000:21d5:3400:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d5:3400:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:14:24 GMT
content-encoding: gzip
via: 1.1 807adc5f317528439570900eb8e6c384.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 18:26:56 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C2
age: 18569
etag: W/"e08e5a6e68f37184e1c046d32d471d44"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: JIrd_0pC3lZalq5e3Q5ZhpomOU-T3_zn4xwa6YHDS1CK0j3S_asPSQ==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 6 KB
3 KB 272ms
269ms Script
application/javascript 2600:9000:21d5:3400:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d5:3400:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 11:49:56 GMT
content-encoding: gzip
via: 1.1 807adc5f317528439570900eb8e6c384.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 14:10:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C2
age: 13038
etag: W/"c6e67d08c7c4a89b3155020045b68eb1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: n9loxAYBty4W4496g8uo3xLBGaNkzpLw4dKFs1BjPSX0EQrCs6YqHA==

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 427 B
505 B 367ms
26ms Script
application/javascript 144.21.37.35
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.21.37.35 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: f609e5180b9f198663bbca1607cee06832b5dd007631a1b73802cf25175d106b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 427
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 356 KB
76 KB 185ms
39ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f2a7c261243cbbb138f67e7aab68d08da9acf413efef225aa76e1d20563b962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:45 GMT
x-amz-version-id: jGtZQl36jX63d0vurmz_tn6XLYaSVIXt
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:32:35 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"2a6af74cf322131a2e18467f983f0f54"
age: 3209
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: O2w1ZtthROdwPtzZD7pKxd7fwm_uqTdx-jsulhO3BArBfqfWKfFuSw==

GET
H2 200 main.js Show response
static.app.delivery/sdks/web/ 128 KB
32 KB 87ms
29ms Script
application/javascript 2606:4700:20::681a:890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.app.delivery/sdks/web/main.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3338
content-encoding: br
last-modified: Fri, 26 Nov 2021 12:00:54 GMT
server: cloudflare
etag: W/"61a0cc76-200b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihFKqIT6lWfqNdU4kkn8f%2BWriFKIoIiCU3etc6q6IaL7zl4b4n0IyRVJdRdHXlMsWlAjegi3duCnAx5mUsj%2FCmeONQAoWfwIycaz%2F1xGizWTdBXTrOG9uuawdyQSXDx9MOM4G9RljAsjxS9xgcNyhrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 79c842648f57995c-FRA
expires: Mon, 20 Feb 2023 15:30:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
86 KB 157ms
67ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ff9b6d3b0445fdbdb44bad2855b9f9870ceb03078d8c235447af654250eee98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87505
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 87ms
29ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.06046900679055245
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: bc490e038d5326852b3d7e2454626501505f5152acd24879d477fa91537413e6

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 20 Feb 2023 15:26:12 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
697 B 351ms
112ms Script
text/javascript 34.226.39.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json725

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.226.39.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-39-112.compute-1.amazonaws.com

Software

- /

Resource Hash

50432d7620bd89c981b3fe4e5788a6cd4bce86f442c07e8d8f40d7986dffd69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 33ms
32ms Stylesheet
text/css 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 15:56:16 GMT

GET
H2 200 track-1109323de58fbf93c34cede3640c090f.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 41ms
40ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-1109323de58fbf93c34cede3640c090f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.06046900679055245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e13dafc848e0598e8f2f95e0fb032539a0f3041fc0cff98ef90edd8326a41e96

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 20 Feb 2023 15:26:12 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 20 Feb 2023 07:04:27 GMT
server: gfra1
etag: "63f31b7b-e87"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3719

GET
H2 200 opa-74021bde9081c83799a0980273db90d9.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 110 KB
28 KB 40ms
39ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.06046900679055245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ff91b424bd7d4213b1804625fe11502a7756771af41804ea1827ae328cdf187e

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 20 Feb 2023 15:26:12 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 20 Feb 2023 07:04:17 GMT
server: gfra1
etag: "63f31b71-7003"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28675

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 110ms
108ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=D1FB4893FCD87C54AF750944B45AD0B10&h=564a38e7c33916ca9724f10f1694dba7&r=0.4599955322887108

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:13 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
394 B 124ms
27ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c07af69ac6b1f31bf4c0d9817761d671c783f97adad1b68c5d3db118bfe4fbe1

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:12 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
820 B 99ms
21ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:12 GMT
AN-X-Request-Uuid: 2092184d-4cef-4c4f-a4c9-7b65db25d3e2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 191 B
333 B 110ms
30ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: f3b8b0ffb62153fce532bd01e49623a39f770f344caf695ca3b8c856e1a93a17

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:12 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 124ms
40ms Script
text/javascript 65.9.84.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-84-139.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 20 Feb 2023 15:15:02 GMT
Content-Encoding: gzip
Via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
Age: 685
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: mV-_MFkLMe0UGXO2gyegMmD3hWeNugSrn-LuG2jqnSW4mJ_sSAbATw==

GET
BLOB 200
OK 906f7040-8aa0-4b41-bc6d-8b443577390a
https://www.thestar.com/ 193 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/906f7040-8aa0-4b41-bc6d-8b443577390a
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8df00eec032790021597a4e83a08c313dfa9f323b33cdbf459905386a3aad9a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 197465
Content-Type

GET
BLOB 200
OK db8f37d4-6df3-4372-9f9a-ba0de85a5029
https://www.thestar.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/db8f37d4-6df3-4372-9f9a-ba0de85a5029
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd87dc511a1f132a0690fce2149a427e8075eaee076ca59a6efff3a9dd94329

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 20393
Content-Type

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 81ms
38ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6e64132e8c397c047ee4ea81d1200a00b2bdacd788c85fc8ac85d5b95f67247e

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 vis_opt-1109323de58fbf93c34cede3640c090f.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 227 KB
64 KB 22ms
21ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-1109323de58fbf93c34cede3640c090f.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: da14a6daf057bccbe9c244b7c20a4c1347114fb87432cf44f7a7724f197e2887

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 20 Feb 2023 07:04:27 GMT
server: gfra1
etag: "63f31b7b-10094"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65684

GET
H2 200 pubads_impl_2023021401.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
129 KB 35ms
32ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 05:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132139
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Feb 2024 05:54:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 409 B
238 B 131ms
65ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d1b1058b4dd1a0e8b7ed011445d8cc0d0e363a5f85f1b1d688c8d45232c6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213
x-xss-protection: 0
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 410ms
35ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:13 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 198ms
37ms Script
application/x-javascript 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 9E6806E7D84FC145
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=39833
accept-ranges: bytes
content-length: 54912
x-amz-id-2: Zrs0exCSlH2eR8+Z938XvlVVawaeoJfemWEbut/IN5JaQ1WTLVH5o959X4ax/+VFI7xl1thY5rE=

GET
H2 200 q27r889h.gif
w4o7aea80ss3-a.akamaihd.net/ 43 B
274 B 255ms
35ms Image
image/gif 104.83.4.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4o7aea80ss3-a.akamaihd.net/q27r889h.gif?mp=1&de=444362427768&e=17&ac=1&j=&vc=2&t=1676906773132&pl=1&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&i=TORONTOSTARCONTENT1&cm=6&bq=10&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.234 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-234.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 236ms
55ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&de=444362427768&t=1676906773132&i=TORONTOSTARCONTENT1&cm=6&j=&mp=0&ac=1&pl=1&bq=10&ad_type=img&vc=2&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 47ms
47ms Image
image/svg+xml 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:23:08 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 185
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"2bf-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: RAtobielqoE8uc9G_JVVCFaxh8KTxyO5aC7UvVgM6CLF7-OVwxpsNA==

GET
H2 200 medicine_long_term_care.jpg
images.thestar.com/nLSoeRdm76h6Em0apIAmeXpDTwY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/provincial/2023/02/20/the-risk-of-harm-is-real-ford-governmen... 13 KB
14 KB 35ms
34ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/nLSoeRdm76h6Em0apIAmeXpDTwY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/provincial/2023/02/20/the-risk-of-harm-is-real-ford-government-criticized-for-proposing-a-change-to-how-elderly-residents-get-medicine/medicine_long_term_care.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a95587924d5e599aa68f8579afdc459de1b2ba5c8b49c1245e48730570d56f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:01:29 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 8684
etag: "5fabc61c0a86b5926cfd2523811fe513bf01de48"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 13526
x-amz-cf-id: __tIPqI7FkwPyCX-uH5uTeA22OKNomQIHA5Y_MSdapgs2VuiE6Te5Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jully_black_jpg.jpg
images.thestar.com/p3v4XvYNlPRmSU1nJ-3R_Fd5Dyk=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/basketball/2023/02/20/jully-blacks-subtle-change-to-canadian-an... 18 KB
18 KB 39ms
38ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/p3v4XvYNlPRmSU1nJ-3R_Fd5Dyk=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/basketball/2023/02/20/jully-blacks-subtle-change-to-canadian-anthem-at-nba-all-star-game-wins-praise-from-fans/jully_black_jpg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1d5b3cac20aa0d3ee123708b7bdf4297a5ad18a5b66a40e129b2a0b0f369765d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:30:25 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 3348
etag: "9e0405ae6e6623e76ee2d9a5a4ce55b02c870457"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 18218
x-amz-cf-id: RLZ1bnj0VG3-R_gvGNlfoBzjNglhnh8_6KgKUANe75f--K_3EBtotw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 siakam2.jpg
images.thestar.com/A3ViWWxAzXueymX05uT-0t9Jw2M=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/raptors/2023/02/19/pascal-siakam-enjoys-all-star-m... 65 KB
66 KB 43ms
42ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/A3ViWWxAzXueymX05uT-0t9Jw2M=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/raptors/2023/02/19/pascal-siakam-enjoys-all-star-moment-although-hed-prefer-one-he-could-share-with-his-team/siakam2.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 01431571aa19d8688b4d6bb671e5f1107ecf7687d5a57424b0687bf0718bdca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:33:23 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 10370
etag: "95994f6340835b013339475049c1f36c4bb89484"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 67060
x-amz-cf-id: 6q-b4Bor7-LbOYQzzQcOqFpFoH0f7O--mJWlK24Dj92vmn3cEK9jFw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 47ms
23ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 20 Feb 2023 07:04:17 GMT
server: gfra1
etag: "63f31b71-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
H2 200 hp-widget-2022.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/ Frame 8BE1 12 KB
4 KB 173ms
70ms Document
text/html 13.32.110.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-118.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13673140e8b594d1fd056e71176f4cc7c1959bd7a0d3ab3edcb63b4e3125072c

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 193
content-encoding: gzip
content-type: text/html
date: Mon, 20 Feb 2023 15:26:13 GMT
etag: W/"77bbb5873c681975f6a59fe5d593ca4d"
last-modified: Fri, 13 Jan 2023 17:52:43 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
x-amz-cf-id: YZrOFmxE8BxRir986o1KAUaRpTkDYc_6LgyUctY1TEtpIMHeW1JNZQ==
x-amz-cf-pop: VIE50-C2
x-amz-version-id: Ze9hsB9MUAuiRZYdqM9fR.DMvRjeAQSp
x-cache: Hit from cloudfront

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 98ms
23ms Script
application/javascript 18.66.147.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-84.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 08:51:38 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 52088
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: vHOoLB7TNl5u1EFsasZ5sNTxR4Wxri9Daa-7kiIgPbBtbgjGZQH27g==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
523 B 503ms
379ms Image
image/gif 18.65.40.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.40.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-40-206.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:14 GMT
Via: 1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-P1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: PQUfIiekT2_eDTNVVVhLCzy5rAjVMmFgb6wOZug8h-mu61ggZ6wbCQ==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 106ms
29ms Script
application/javascript 18.66.17.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-43.vie50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 09:50:21 GMT
Via: 1.1 4f04fd3192b8e206f3b06830e1587d80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 20153
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: KBuVnBx_VJzQytPELihIRPniB6FNsW1NFj5_5VVNM2ik3ux4ev4Dxw==
Expires: Tue, 21 Feb 2023 09:50:20 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 158 KB
46 KB 138ms
25ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=465807
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: eeb0699c78d59c010277b0e15346b23ca8253cc9daccfc5be3cd22e7b068ba2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: gzip
x-amz-version-id: LckRkWNbGAnMM4fPWbwH3UMp93SHfXGQ
last-modified: Tue, 27 Sep 2022 01:29:26 GMT
server: AmazonS3
x-amz-request-id: Y9Q0442DXZF3TTFK
etag: "5c0507320302161578b77871f0306c36"
x-hw: 1676906773.cds213.fr8.hn,1676906773.cds230.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
accept-ranges: bytes
content-length: 47144
x-amz-id-2: iW+JT6oWl6L/k9+wB8UfNmWmaHHqcCE0OfPhcRW5UTgEZB4nEFq5s5UUkghubjDENXblEELarEo=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 219 KB
54 KB 188ms
49ms Script
application/javascript 54.230.111.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.111.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-111-210.osl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ea92c04c03d7da0e4608664dfb06b8bcf85ac91e2f58a8b984620247f447cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:57:15 GMT
content-encoding: gzip
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront), 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 21:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1, OSL50-P1
age: 1739
x-amz-server-side-encryption: AES256
etag: W/"0b8b1ce84f37b3852d15570cccfe1752"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: zkk36jCRRUN3pmSuPSwtHWd8qqlbXc6Sh9YcYzzuYk3yk-G1Vo5RFA==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
342 B 87ms
33ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1472995
x-guploader-uploadid: ADPycduLWNAVLP7lSA06qC3bZEZWvCCRwTnuWdmg9njFC-QkZIaGqkLIkmU8rzp5dTUOQ1ip5ho9-BpRvIE79eWA-8YEMKzxyT3o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FpqWBzJHvPEcIdt2Z%2B6qoxs%2FtQyZB7TKHJmq9nnQKDMeq1TQ32b12UpTeDCz5CGYkwAE%2FraS84i0k%2BA03Ny9RP83RoPqf8dfznd%2BXuxwC3mEbSOnp4i5wqusVZI3BK3yZLs0sLrEl2xCOoFMw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 79c84265fbb29b8c-FRA
expires: Fri, 03 Feb 2023 14:40:54 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 140ms
35ms Image
image/x-icon 142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Feb 2023 17:11:25 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
968 B 54ms
31ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.09341286027429963
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1472995
x-guploader-uploadid: ADPycduLWNAVLP7lSA06qC3bZEZWvCCRwTnuWdmg9njFC-QkZIaGqkLIkmU8rzp5dTUOQ1ip5ho9-BpRvIE79eWA-8YEMKzxyT3o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EepORu3HvoG5f%2FP6gKQm%2BuejDkLkoTwXlsrZWrrFgkde6qyhNR7wB72OH1pTSMsai5tMQbA2P3z4M6QvwaCJSenml6%2BzL%2BXePHvg%2BbLSAZ0Yp0L6z1MYN%2F0Y5nSarLHDSXAdfyHjfqmUpQVlg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 79c84265fbb69b8c-FRA
expires: Fri, 03 Feb 2023 14:40:54 GMT

GET
H2 200 20230219140220-63f2767ad74bed5ad8356ea6jpeg.jpg
images.thestar.com/8PaS-I-JsnHIroW5S1rca1PUXw8=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/us/2023/02/19/fond-remembrances-for-jimmy-carter-after-ente... 20 KB
20 KB 35ms
33ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/8PaS-I-JsnHIroW5S1rca1PUXw8=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/us/2023/02/19/fond-remembrances-for-jimmy-carter-after-entering-hospice/20230219140220-63f2767ad74bed5ad8356ea6jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 50b4aad2f30d3357783d9b9e2e1a1c012dff77acb84ea338e8c888fef5356f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 05:12:35 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 36818
etag: "d73a51653a044590f9f6eb9c1822beccb255b312"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 20566
x-amz-cf-id: 59FCUKUO-_tb9H9OWeux5_csZSpLlI48kxwdoqal4bIKB_lSZY-94A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 star%20chevron_new.png
images.thestar.com/7kVMbBBcg_hRWiTIJRbF-7jQDck=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 36ms
33ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/7kVMbBBcg_hRWiTIJRbF-7jQDck=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/star%20chevron_new.png
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aab2191bf1f8ee672c1e6b7e69e61e522eaad87c21b62b026705890c3f4ab324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 09:28:06 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 21487
etag: "ac126458f87fb5bd90a7b5b8d78aaf8de2104304"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2568
x-amz-cf-id: BMYsFfNEXiiZBKVH6IA8PFRtGEgQWRoC79QQLwC1rnsXswPm__QbzA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Thomson_Graham_logo2019.JPG
images.thestar.com/cejaw282lGZz-lqS_MrWMtaMuB0=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 1 KB
2 KB 36ms
33ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/cejaw282lGZz-lqS_MrWMtaMuB0=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Thomson_Graham_logo2019.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 868015ece7ce9bbf7406bc51149ed7d8e0ab57726312186b3efc6a2cd7aa056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:02:49 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 12203
etag: "411e846d9a690ad5ab6fba84e79d6523ba54cadd"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1430
x-amz-cf-id: Mn6--SWf6D2HyBCHFgFL0DLIMz4saGgYuC9rEA0VTNiWj_JOWbIj4A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Mallick_Heather_logo2015.JPG
images.thestar.com/PvHdqycqIW5IwFVIyyCnXqLtqzI=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 64ms
61ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/PvHdqycqIW5IwFVIyyCnXqLtqzI=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Mallick_Heather_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 277c85dfb71aa4203d2a2e7d8adba8feff699eba22e676a423e477b66eec6467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 02:51:33 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 3414880
etag: "fa1293d16a76c46e6fdb6bedaf3f3990e254b532"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1762
x-amz-cf-id: sB_GKgu7FkV1pmvZcZuxJGp8w-c6QSgowrVqyoaSzlLscxd4QP-akg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DiManno_Rosie_logo2015.JPG
images.thestar.com/lt4MO220s2yNnCSlkFv5MB3Nzg8=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 36ms
34ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/lt4MO220s2yNnCSlkFv5MB3Nzg8=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/DiManno_Rosie_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: eed5e336ecde259bdd303b64a05230a79af84e3526e3cf74ff289874244d898b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 02:17:12 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 3762541
etag: "32e0fd269451461835d17ad8058e89fa3ac852e2"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1844
x-amz-cf-id: kxzX21Wb5jMYiVGrRTWNi0Zkvkdvdp2Tc_bjvyd9jN-BSjr3X-DwKQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ripley.jpg
images.thestar.com/gAWzOL8qpF6BFkDkT6SP4sKrmbE=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/02/20/heres-whats-open-and-closed-in-toronto-on-family-day/ 26 KB
26 KB 38ms
36ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/gAWzOL8qpF6BFkDkT6SP4sKrmbE=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/02/20/heres-whats-open-and-closed-in-toronto-on-family-day/ripley.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ae1f23a547a434afdf2a93c6c4d0e6db588182a685b7be83c636fbd0d7ac5e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:40:25 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 17148
etag: "dabf92e2abfbc38ef67b5bd5ddfaaa4677bee60a"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 26758
x-amz-cf-id: RXZvBasZqliSibiaHIlv7CSEUza-eJflqK70MxYN98RlBIxvoBw1dA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fatal_crash_427_dundas_etobicoke.jpg
images.thestar.com/XIGBOUepuVIF-GeaZPU-FQV0BZs=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/02/19/memorials-to-be-held-for-three-students-from-bangl... 66 KB
66 KB 41ms
39ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/XIGBOUepuVIF-GeaZPU-FQV0BZs=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/02/19/memorials-to-be-held-for-three-students-from-bangladesh-killed-in-collision/fatal_crash_427_dundas_etobicoke.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9a970729a757babbf53a1b34295674b0cf66e34207195a2aa8dec9aa99f8b75c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 22:57:20 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 59333
etag: "92bfa52bfb1a8758f72fb5f1758e2c37a73f9ee5"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 67396
x-amz-cf-id: KygCpoaZ3n1TqJk8Zev0QnlFMq7pmJRctxFtrq-qqDsaEScfRiISmg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 online_shopping_problem.jpg
images.thestar.com/-9P_b-f69fLVO5hFdNESaT5CaLk=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/2023/02/20/five-signs-you-have-... 51 KB
51 KB 51ms
49ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/-9P_b-f69fLVO5hFdNESaT5CaLk=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/2023/02/20/five-signs-you-have-an-online-shopping-problem-and-how-to-fix-it/online_shopping_problem.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3e6d1176c5d058a5c3dac1c1d0cfd2c4980822257f89e9874232cbaee1de1ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:13:40 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 4353
etag: "ec4e42736f18d2e51b68667cb945bd206e073f08"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 52244
x-amz-cf-id: tkoyR65QHp2xCIPKsfOTqdP5mXOoHp2s0Mr07zBXK4TKxogr1Lv8HA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20230219130224-14ff5199769432fcebf82c31a9003a1fe6cd614b7054cf68bb850284e2ad80dd.jpg
images.thestar.com/g6cJHTwN3rJSnI-v4ww4-i0N_3o=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/2023/02/19/harassment-in-sports-st-onge-asks-provinces-for-in... 23 KB
24 KB 61ms
59ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/g6cJHTwN3rJSnI-v4ww4-i0N_3o=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/2023/02/19/harassment-in-sports-st-onge-asks-provinces-for-investigative-systems-by-end-of-2023/20230219130224-14ff5199769432fcebf82c31a9003a1fe6cd614b7054cf68bb850284e2ad80dd.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 37d721ab09d7ecc8674cc2b199fc59290630a9c02931de297eb796508876fe26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:21:30 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 72283
etag: "3e853914e70112ac012e54bb0c31470a8f659288"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 23898
x-amz-cf-id: Sotl3nn3oXIRtj8Kof-kQ6PcNXjBL2u2x8i_RWco-OekY0VWNAyJcQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
26 KB 170ms
66ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=ae70b922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

852711ee8cd6e8c26f1f29118fa19e029e260980f3db7fd4979a7e070a58f8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26544
x-xss-protection: 0
server: sffe
etag: "1488 / 898 of 1000 / last-modified: 1676675148"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 373 B
803 B 21ms
21ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

16813ee69ad63d99aa9787d1775bafd5ca6520920b201380a1ef5a2ed8ce01d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:22:48 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 205
x-powered-by: Express
etag: W/"175-74VuFpxlA50GD/rjeczSI+r8cNg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
content-length: 373
x-amz-cf-id: vfGTuViiHhJE71b97wUqfgjU1WzrHBQw1e3L6VtS7Hb1XviwWUShtw==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
447 B 21ms
21ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:22:48 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 205
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
content-length: 19
x-amz-cf-id: ThEiWCbLJUqlK1rOftTrMcXiRXoyX2ez-gwabCSDzi3n9y02voqg1A==

GET
H2 200 widgetloader Show response
widgets.media.sportradar.com/torontostar/ 322 KB
71 KB 475ms
238ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=ae70b922

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9af7ff3e8febc36ecda905d543cd37b6f47c3e8568c73b2f33533721440e7541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:13 GMT
etag: "2b9cad8833152f41947122ee8311c963-5d9563f394d89a5987c3efc1c2e49ad5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
content-length: 72660

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8935c31f7c2bbbe1e6c6d58b714f72c4f9c6b0f8d7095b74bdc333d9e5828a97

Request headers

Referer
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 32ms
32ms Other
image/svg+xml 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 16:13:57 GMT

GET
H3

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame E8DD
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=465807&publicationId=thestar.com
https://news.google.com/swg/ui/v1/serviceiframe?_=465807&publicationId=thestar.com

16 KB
7 KB

173ms
173ms

Document
text/html

2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=465807&publicationId=thestar.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9af563eb5650afb1d4b95be0aa703d7dc18d1369e4402b6693119041289082a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ycFAhUufftnQyLAfaLBllw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ycFAhUufftnQyLAfaLBllw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Mon, 20 Feb 2023 15:26:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-Lg-oXLFKiWpQb88p7W1m8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: application/binary
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Mon, 20 Feb 2023 15:26:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=465807&publicationId=thestar.com
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8BE1 4 KB
1 KB 144ms
55ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14736ea197ebca8a0d176ead1e22d2b1cb277d5c37a0c2780cff25f24bd56800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 15:12:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame 8BE1 207 KB
69 KB 70ms
70ms Script
application/javascript 13.32.110.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-118.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
date: Mon, 20 Feb 2023 15:26:13 GMT
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 192
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: GKUks5AZybfXjb9UjmzcKFDxIlC2FlLKVxBhQuJa_CiZ3LJ1_3DU6A==

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/thestar.com/ 2 B
58 B 168ms
168ms Fetch
application/json 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/thestar.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 182ms
129ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 182ms
129ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=DNkxf6h5k&w=5166328627855360&o=5071905434894336&cv=2.1.06-2-g014272c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sid=De6JYmEckr&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:13 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 23ms
23ms Image
text/plain 18.66.147.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1676906773774&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-84.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: zOgA-MghgxVfoOvrxIoxyESHpv3_jcKcjpc1oxs2gKZtAdUyYiUWMg==
x-cache: Miss from cloudfront

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 245 B
646 B 672ms
612ms XHR
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f9937ff57ec53a868c7b1ed9f2ff738bdbf0938ea1b47facb61ba1e01533ed

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 79c84268adf13a67-FRA
expires: 0

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 103ms
25ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: public
date: Sun, 19 Feb 2023 17:36:12 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jun 2022 01:41:35 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 83308
etag: W/"62b5164f-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: 8VsaFOxr7M6oS3WNAzCpnKn6tAQ7QYesRXQAPLeBUrIS72irtCztlA==
expires: Mon, 20 Feb 2023 16:17:45 GMT

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 99 KB
16 KB 497ms
497ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/DG/DEFAULT/rest/rpc/724?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2023-02-20T15%3A26%3A13%2B00%3A00&ts=1676906773795

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

cda39d9bc1d25d517c64207fcee35edc66deae4731e16c8dfdb60a3efbfe95d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 15665
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: qFLhMhlrZdbrO3OMv6cbY32YKE9K156HDu4yVOUYClerAXMBeDiRHg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 26 KB
26 KB 226ms
35ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a7fba2553ac021c30a12d68cf4c4d356f891e0446bfc485aaaa72c171557ceac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:14 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 26227
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 229ms
50ms XHR
application/json 52.208.136.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1676906773822

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.136.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-136-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

52d729ea29f757260fa22c8b6ff911e2a2ff5d889852205a86d605b7dcbbd002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v046-06d22350d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: x+qYcoBXRT4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 326
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 32ms
31ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:41 GMT
x-amz-version-id: gjNBRqyUPpAxW_GEcdzejrDAL6avK6r.
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"dfdd9e1f988805f0c2fbb10cd6b8f034"
age: 3213
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: gSltteEEPJB3NiWhZ4bF0g98tDhfkGlj4782PVQNxurb8wDz3pE8sg==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 31ms
31ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:42 GMT
x-amz-version-id: e1Z.3Rvm0Zr0s4vn5vj5j0GVf3M77f6M
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"b89fcb8870ac40eecb6d3cc844d35389"
age: 3212
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: i9nwj6sRpIwuFgdNESlpWGHlak26BwT-XR8gZqkf9-K8ujBb-PqZkA==

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 10 KB
3 KB 448ms
370ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: c6d4d8213ca83d7c18ba3efb1ec63520f5f77f136d1149ffe2cae00e69294fd1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 7 KB
2 KB 445ms
370ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: d6d451e072ec74f06af4020fe1df2d62790b7068944174fdb93039b79f35ac54

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 22 KB
6 KB 462ms
391ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: e2a12beebbbe3d40cb502a94e4ae2e4b43db740840e622252be5381f1f57a7f9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 11 KB
3 KB 403ms
336ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: bcd77a8de364a1afd1c68de2ecf6afd2aac5e4e1f28c4570cbc1fa7d3f64054f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 10 KB
3 KB 403ms
341ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: b2c466dd2a3896a3c926fc2c01d4537a39e4fc088e50e2d7c9ccda1cff468399

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 5 KB
2 KB 427ms
367ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 72c43ffc820c80c1fdeebe16fb3a15974ac587bd9cca625479aca515847ee00a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 12 KB
4 KB 448ms
392ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: a59fc37ee877f8da5810c3c20e0164401ee06d8e82233484f7d194aaf12c1005

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
175 B 176ms
130ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=pageview&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2146&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=6&jsfv=nbc&ts=1676906773841&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 65ms
64ms XHR
text/plain 54.230.111.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.111.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-111-210.osl50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:05:08 GMT
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: OSL50-P1
age: 4865
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: J0KeOlJk5ZUycPYN_JF90nA1VskaBKmuum1vzGSHsCzNfFGYdlr2Qg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 128ms
43ms XHR
application/javascript 54.230.111.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.111.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-111-210.osl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
date: Mon, 20 Feb 2023 02:41:01 GMT
x-amz-cf-pop: OSL50-P1
age: 45913
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: U3rwJTNeyejXHBM5nUwfS54u-LBrLYQ11tnrIvNKy33nroQoY_0bIg==

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 6 KB
2 KB 428ms
374ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 8ff66bd5e95961b0ef181af5486785a833f982def35e19317d4301578e81c329

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 58ms
58ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=34&ud=false&qa=1600&qb=1200&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qi=1600&qj=1200&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!x%5ETm_h6lf%3C8%2Bge6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx7jmP%3DKs)%5DY%23V20%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=TORONTOSTARCONTENT1&hp=1&pl=1&cm=6&kq=1&dnt=0&bq=0&f=0&j=&o=3&t=1676906773132&de=444362427768&m=0&ar=5072747-clean&q=0&cb=0&cu=1676906773798&ll=2&ln=0&em=0&en=0&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&qs=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&vc=2&gw=torontocontentstarcontent37863992&fd=1&ac=1&it=500&fs=98876&na=717796883&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Feb 2023 14:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1889
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Feb 2023 16:54:44 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.1/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@3.1.1
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

7 KB
3 KB

38ms
38ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 494929
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GS8YXEJQ34BWHR8QNAKTZXDB-fra
server: cloudflare
etag: W/"1b24-GqgswdM7opiZOqFSwUlHVut+Xpk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c8426a2b1c8fee-FRA

Redirect headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GPEV7QJGJ8QGM7FQXEKHDY3J-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3518686
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.1/dist/web-vitals.iife.js
cache-control: public, max-age=31536000
cf-ray: 79c84269baa88fee-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 82ms
82ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbcf04045760bdd64cdb5186481030d74b9ae2f3d47e4285cf594b9f325fa8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 65ms
65ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ccd47129b602659af28543b0153f94e42bfbacad6db52c050bc815eef8c1fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Feb 2023 15:26:13 GMT

GET
H2 200 covidtesting.csv Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/ Frame 8BE1 125 KB
50 KB 58ms
58ms XHR
text/csv 13.32.110.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/covidtesting.csv
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-118.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87595354d25d77e864d2685041c75c7fbb39c0a3adb9f662b738ece0e2440d29

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: MmvQMFNoeqIeIvrg72XtLlK7vpf.GUNv
content-encoding: gzip
via: 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
date: Mon, 20 Feb 2023 15:26:13 GMT
last-modified: Thu, 16 Feb 2023 22:04:04 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 39
etag: W/"738b1e1ecf76c38702258e025734684a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/csv
x-amz-meta-version-id: msusXTIUronvUIZoixoCq3pFzI.WWBts
x-amz-cf-id: 1PVqFIu_aZJRFwSYYIRnxu5ySj6X0wDXuOYl7uE1VSWXt1l3LzA-tg==

GET
H2 200 region_hospital_icu_covid_data.csv Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/ Frame 8BE1 212 KB
49 KB 98ms
98ms XHR
text/csv 13.32.110.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/region_hospital_icu_covid_data.csv
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-118.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fffab59cfc7776576b8b01a070d76e2cf194e0d2b694a2dbcd77e2b37e216bf5

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: JJ6cOl8kPV_CDOoJVHWf_Imze.Q86nqg
content-encoding: gzip
via: 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
date: Mon, 20 Feb 2023 15:26:13 GMT
last-modified: Thu, 16 Feb 2023 22:04:04 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 39
etag: W/"47f3707ad6dd542171c9b2c03aaaa990"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/csv
x-amz-meta-version-id: c1o_smhLhS4c1yLWq8bYDVZHJZgpq2Hx
x-amz-cf-id: hgGCikMmVrE377XMa3Ozz1m4Uq0aFMy0AdIL5Ndt1Y3Z9jMtcrQDBw==

GET
H2 200 vaccine_doses.csv Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/ Frame 8BE1 56 KB
25 KB 57ms
57ms XHR
text/csv 13.32.110.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/vaccine_doses.csv
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-118.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbbbf23ed33c5c41ee200e1515376d181f2fdff680d380546c5d22cdc0d7c895

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: SNPrXpI.lf7HjK2H49mfEBxUOBwx6rsy
content-encoding: gzip
via: 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
date: Mon, 20 Feb 2023 15:26:13 GMT
last-modified: Thu, 16 Feb 2023 22:04:04 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 39
etag: W/"6e668557aec4f444561bd7447dbb315b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/csv
x-amz-meta-version-id: OAo3kaYn.XAoQp7LKOdxpaFVwH20QRnf
x-amz-cf-id: lAnoPERZSvhS0Q_vOEE7nvBBBz5KfAj5129RhNPLtIbIr9TjG6C6Eg==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame 8BE1 37 KB
38 KB 127ms
34ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:59:53 GMT
x-content-type-options: nosniff
age: 332781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 18:59:53 GMT

GET
H2 200 config Show response
push.kumulos.com/v1/web/ 2 KB
1 KB 40ms
39ms Fetch
application/json 2a03:b0c0:3:d0::be2:3001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/web/config

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::be2:3001 Colmar, France, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

81213e09ec09abe060a47d101767ef8f2d2cce6f1212b237541cba0445bf730c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubdomains;
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-max-age: 36000
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 config
push.kumulos.com/v1/web/ Frame 0
0 114ms
26ms Preflight
text/html 2a03:b0c0:3:d0::be2:3001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/web/config

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::be2:3001 Colmar, France, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: GET,HEAD
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:14 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 204 events
events.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/ 0
0 63ms
63ms Fetch 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
strict-transport-security: max-age=15552000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/ Frame 0
0 252ms
25ms Preflight
text/html 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:14 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 204 events
events.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/ 0
0 63ms
62ms Fetch 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
strict-transport-security: max-age=15552000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/ Frame 0
0 251ms
24ms Preflight
text/html 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:14 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 38ms
38ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.thestar.com%2F-&i=TORONTOSTARCONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!x%5ETm_h6lf%3C8%2Bge6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx7jmP%3DKs)%5DY%23V20%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=0&vc=2&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=10345&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&cm=6&f=0&j=&o=3&t=1676906773132&de=444362427768&cu=1676906773798&m=762&ar=5072747-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&em=0&en=0&bu=1&cd=0&ah=1&am=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&gw=torontocontentstarcontent37863992&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98876&na=2029462533&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 26ms
26ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1521367241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=877963481&gjid=1070300066&cid=874992567.1676906774&tid=UA-70431129-1&_gid=175604172.1676906774&_r=1&_slc=1&gtm=45He32f0n81P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&z=1489403682

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 27ms
26ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1521367241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=204249034&gjid=1263135990&cid=874992567.1676906774&tid=UA-73335503-3&_gid=175604172.1676906774&_r=1&_slc=1&gtm=45He32f0n81P86MZHL&z=1359562630

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 125ms
27ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-70431129-1&cid=874992567.1676906774&jid=877963481&gjid=1070300066&_gid=175604172.1676906774&_u=YEBAAAAAAAAAAC~&z=1419259837

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Feb 2023 15:26:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame E8DD 0
25 B 62ms
62ms Other
text/html 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qOtcNMzaJS9sI1ygoo0RbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=465807&publicationId=thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-qOtcNMzaJS9sI1ygoo0RbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1.O/am=dAYACA/d=1/ed=1/rs=ABXTjI5tiweOxOmOF8L6nTlNsCrBPhri3Q/ Frame E8DD 521 B
968 B 129ms
34ms Stylesheet
text/css 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1.O/am=dAYACA/d=1/ed=1/rs=ABXTjI5tiweOxOmOF8L6nTlNsCrBPhri3Q/m=serviceiframeview,_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=465807&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:18:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 18:13:44 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/am=dAYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI... Frame E8DD 196 KB
69 KB 129ms
34ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/am=dAYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI4I0WqZ5ORXru-FoGF0RM93w10DAQ/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=465807&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4cf7a559cce212513f2cb3038a080a32d9569a3cf6cbc61fac2b5c3284661da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70465
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:54:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 17:53:14 GMT

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame 3B18 7 KB
3 KB 249ms
43ms Document
text/html 34.241.134.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.134.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-134-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v046-04ea58e04.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: b3okKKVmSOQ=
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Wed, 8 Feb 2023 11:53:45 GMT
vary: accept-encoding

GET
H2 200 id Show response
s.thestar.com/ 48 B
458 B 167ms
32ms XHR
application/x-javascript 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=85126143609760037280641381777055421316&ts=1676906774091

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6c71e1985a592bf55c844140c3be46cf16350c41773beb14b58f9369ceb2ccfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.thestar.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y-ORFgAAAGFpMwMx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=85162769379038516740642783550609639822
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ORFgAAAGFpMwMx

42 B
943 B

57ms
57ms

Image
image/gif

52.208.136.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ORFgAAAGFpMwMx

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

52.208.136.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-136-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0458b73b6.edge-irl1.demdex.com 10 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: CjgkcXFUQow=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ORFgAAAGFpMwMx
Date: Mon, 20 Feb 2023 15:26:14 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 91ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=45je32f0&_p=1521367241&_gaz=1&cid=874992567.1676906774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676906774&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&en=page_view&_fv=1&_ss=1&ep.Asset_Alias=&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 87ms
28ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=874992567.1676906774&gtm=45je32f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 159ms
70ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=874992567.1676906774&gtm=45je32f0&aip=1&z=1136597913

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 73ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=45je32f0&_p=1521367241&_gaz=1&cid=874992567.1676906774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676906774&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 69ms
28ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=874992567.1676906774&gtm=45je32f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 142ms
71ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=874992567.1676906774&gtm=45je32f0&aip=1&z=1720043579

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunk.89041.b1e39433.js Show response
widgets.media.sportradar.com/assets/js/ 135 KB
40 KB 30ms
30ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.89041.b1e39433.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c57d9b1667805a27dca7490697875ae0fc89b17f8e05ff8256e5c2d9dae2318f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Thu, 02 Feb 2023 17:30:38 GMT
etag: "2eeb8268becda555b8a715a8141e5804"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 40248
expires: Sun, 05 Mar 2023 17:30:38 GMT

GET
H2 200 chunk.57420.18c6064e.js Show response
widgets.media.sportradar.com/assets/js/ 342 KB
91 KB 36ms
36ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.57420.18c6064e.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ac9c76e58b436c190e907ee92ea72e556a1ce1e04a2be5aabb1db79ab4b0067c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 16 Feb 2023 14:15:38 GMT
x-served-at: Thu, 16 Feb 2023 15:03:48 GMT
etag: "b2b020c2e8cf4630e701b15031094e42"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 92167
expires: Sun, 19 Mar 2023 15:03:48 GMT

GET
H2 200 chunk.74425.87fdd7bc.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
5 KB 60ms
60ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.74425.87fdd7bc.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

becd488761f039c10fcb9769ac7b6f418404a7078e2540fd4ea252dfbeb7efe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
x-served-at: Wed, 01 Feb 2023 18:31:19 GMT
etag: "efb651707c3a085e336c431fd254beb9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
content-length: 4657
expires: Sat, 04 Mar 2023 18:31:19 GMT

GET
H2 200 chunk.75472.e3513d70.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
8 KB 45ms
45ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.75472.e3513d70.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ad483a4e616636b1165205d04324f8e67d47c02c6d9eca0c99d99dd1e2b56f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:51:13 GMT
etag: "8631471a6e6a2938d7a35cda8687a17c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 8280
expires: Thu, 16 Mar 2023 03:51:13 GMT

GET
H2 200 chunk.58047.f9857c8b.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 68ms
68ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.58047.f9857c8b.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fb60690105f3079674472358be6ea5f803f4468e120500627e77b9e75abea178

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:51:13 GMT
etag: "77dcbaed60f52b4338418a558410cc56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3865
expires: Thu, 16 Mar 2023 03:51:13 GMT

GET
H2 200 chunk.87159.bbe12864.js Show response
widgets.media.sportradar.com/assets/js/ 110 KB
30 KB 69ms
69ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.87159.bbe12864.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

89296988b553a1c37ee245a7923e3f8573de85ad96613cc21bf67fd5216cc2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Wed, 01 Feb 2023 06:51:12 GMT
x-served-at: Wed, 01 Feb 2023 09:18:44 GMT
etag: "7027f648e3a9fcd2928f0c1d37e3c84e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 29935
expires: Sat, 04 Mar 2023 09:18:44 GMT

GET
H2 200 chunk.872.f278cff8.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
6 KB 75ms
75ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.872.f278cff8.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3e8e6482cdaaed4f4bffab132ecc638d2eaecbc9d3f86786b31177db070e170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:51:13 GMT
etag: "2e33f72f6efa38ea0852e0d2951de36a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5766
expires: Thu, 16 Mar 2023 03:51:13 GMT

GET
H2 200 chunk.88139.274c7355.css
widgets.media.sportradar.com/assets/css/ 20 KB
4 KB 75ms
75ms Stylesheet
text/css 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.88139.274c7355.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Mon, 13 Feb 2023 16:19:24 GMT
x-served-at: Wed, 15 Feb 2023 18:32:57 GMT
etag: "c49787c1d88ae88587d40d3a2128e530"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3803
expires: Sat, 18 Mar 2023 18:32:57 GMT

GET
H2 200 chunk.88139.223cfcbb.js Show response
widgets.media.sportradar.com/assets/js/ 22 KB
7 KB 76ms
76ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.88139.223cfcbb.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

adf278355a1dc96030d992f6a09e91d468533d6fd887cc7b6fa34d2e3f205ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:51:13 GMT
etag: "721c6aa9d4d169f53089fda9c8650d3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 6585
expires: Thu, 16 Mar 2023 03:51:13 GMT

GET
H2 200 chunk.56615.e516b9de.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
7 KB 77ms
76ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.56615.e516b9de.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Mon, 30 Jan 2023 08:37:25 GMT
x-served-at: Tue, 31 Jan 2023 14:00:19 GMT
etag: "17d28dd8a0d379cf3bf8a0fde19671e3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 7004
expires: Fri, 03 Mar 2023 14:00:19 GMT

GET
H2 200 chunk.36369.4d629a02.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
3 KB 83ms
83ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.36369.4d629a02.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:51:13 GMT
etag: "d732fcd8139e215ea39b473933d09bdc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3139
expires: Thu, 16 Mar 2023 03:51:13 GMT

GET
H2 200 chunk.99585.125055ea.js Show response
widgets.media.sportradar.com/assets/js/ 14 KB
5 KB 84ms
84ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.99585.125055ea.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe0cd2a0886e1bb2b7096cf665a10a8d60b84c52ced448c293ecc5858028f49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Mon, 30 Jan 2023 08:37:25 GMT
x-served-at: Tue, 31 Jan 2023 14:00:19 GMT
etag: "7f3ad519cbc50f88557125cbe435144f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5105
expires: Fri, 03 Mar 2023 14:00:19 GMT

GET
H2 200 chunk.73555.747d7328.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 85ms
85ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.73555.747d7328.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

962e0598efaceb0ca367d3fcf587550d9edd875aa9652d3967481d646e128d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Mon, 30 Jan 2023 08:37:25 GMT
x-served-at: Tue, 31 Jan 2023 14:00:19 GMT
etag: "27182ce42b05a47329bf901ce18b2d82"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3854
expires: Fri, 03 Mar 2023 14:00:19 GMT

GET
H2 200 chunk.5871.31c7af08.js Show response
widgets.media.sportradar.com/assets/js/ 8 KB
3 KB 82ms
82ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.5871.31c7af08.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c982fb8f9251405427409102a2d61a2e2172fef50b18abf183e7d5deebf42ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Wed, 25 Jan 2023 19:50:44 GMT
etag: "7fec7d978e30bc583c1a19f722210edb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 2970
expires: Sat, 25 Feb 2023 19:50:44 GMT

GET
H2 200 chunk.69233.e1f094f4.js Show response
widgets.media.sportradar.com/assets/js/ 29 KB
8 KB 85ms
85ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.69233.e1f094f4.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5170a924bcb49afce63a034a3e47ccce736fe0f50c04bc9dd519433f71c781be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Wed, 01 Feb 2023 06:51:12 GMT
x-served-at: Wed, 01 Feb 2023 09:18:44 GMT
etag: "c75cef6c4def9925a674740771eb2f87"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 8166
expires: Sat, 04 Mar 2023 09:18:44 GMT

GET
H2 200 chunk.13040.f97e5173.js Show response
widgets.media.sportradar.com/assets/js/ 45 KB
12 KB 89ms
89ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.13040.f97e5173.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfe0921368b1900c399535b82f79911a027369bb65ccaa619f5a85067a475c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 16 Feb 2023 14:15:38 GMT
x-served-at: Thu, 16 Feb 2023 20:25:01 GMT
etag: "f48cd5b9c67127bc245cd22cb5bf70e3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 12064
expires: Sun, 19 Mar 2023 20:25:01 GMT

GET
H2 200 chunk.70689.8a75fb8f.js Show response
widgets.media.sportradar.com/assets/js/ 13 KB
4 KB 85ms
85ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.70689.8a75fb8f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f8f56a9c5d675cf42cfe6fb885c1c16058c3281059b1335cee14baa4ab491df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Thu, 09 Feb 2023 11:55:13 GMT
etag: "547e83aea16d9f6505d68c813bdf23d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3272
expires: Sun, 12 Mar 2023 11:55:13 GMT

GET
H2 200 chunk.83679.aafd3aa1.js Show response
widgets.media.sportradar.com/assets/js/ 27 KB
6 KB 87ms
86ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.83679.aafd3aa1.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:51:13 GMT
etag: "ef4b2e812247d35ae451639597ae1800"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 6245
expires: Thu, 16 Mar 2023 03:51:13 GMT

GET
H2 200 chunk.84814.724cf9ff.js Show response
widgets.media.sportradar.com/assets/js/ 17 KB
6 KB 94ms
94ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.84814.724cf9ff.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

306fcd66df6ecf9ae9b422f505b38f070f09f543d40d53a9eb7af806cbdf274a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Sun, 05 Feb 2023 16:41:02 GMT
etag: "f5f15f112020f745f3f67dece3002f15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5514
expires: Wed, 08 Mar 2023 16:41:02 GMT

GET
H2 200 chunk.95874.44a7e7c6.js Show response
widgets.media.sportradar.com/assets/js/ 25 KB
8 KB 95ms
94ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.95874.44a7e7c6.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3d6613aab2e0b0c074c485018837e7f44c0aa97b35178dee91b456d5f3744fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Wed, 25 Jan 2023 15:24:14 GMT
etag: "d4c2807e1b48610aaf3c19abbeb97194"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 8330
expires: Sat, 25 Feb 2023 15:24:14 GMT

GET
H2 200 chunk.94135.a3477a7f.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 88ms
87ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.94135.a3477a7f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e84241c754ae499317c9b231b08af54bd2aa760a567e3c1d95cf0b2b8f93a0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 15 Dec 2022 19:32:00 GMT
x-served-at: Wed, 28 Dec 2022 22:12:04 GMT
etag: "671c8ca3d2c93888427fd55c7c19023f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4092
expires: Sat, 28 Jan 2023 22:12:04 GMT

GET
H2 200 chunk.85559.7f933b9f.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 88ms
88ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.85559.7f933b9f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90682e2f91238907278d1e36d649ccce58bf45cf12c16f157308a2009547f8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 02 Feb 2023 15:32:02 GMT
x-served-at: Mon, 13 Feb 2023 03:51:13 GMT
etag: "d38e78d1aa0741f3160c7b937ca036e1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4216
expires: Thu, 16 Mar 2023 03:51:13 GMT

GET
H2 200 chunk.us.common.scoreTicker.ea714b5a.css
widgets.media.sportradar.com/assets/css/ 38 KB
5 KB 87ms
87ms Stylesheet
text/css 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.us.common.scoreTicker.ea714b5a.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82f59a30f5185074ab367843e8f649d0e2f4f6bbff6db8c9a852931d220f0699

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Mon, 13 Feb 2023 16:19:24 GMT
x-served-at: Wed, 15 Feb 2023 07:18:31 GMT
etag: "9faab841da6c8622e5f390f8e3004a3e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4569
expires: Sat, 18 Mar 2023 07:18:31 GMT

GET
H2 200 chunk.us.common.scoreTicker.488478f8.js Show response
widgets.media.sportradar.com/assets/js/ 171 KB
44 KB 87ms
87ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.us.common.scoreTicker.488478f8.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

71ec2e27a9f7068342d035e08feac6abac85c6f9c80992a8e3fb4bbfbfde9973

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Wed, 01 Feb 2023 18:07:16 GMT
x-served-at: Wed, 01 Feb 2023 18:37:01 GMT
etag: "3cffc30012cfc11066a0ce44ef9e490a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 45057
expires: Sat, 04 Mar 2023 18:37:01 GMT

GET
H2 200 chunk.react.cd04a608.js Show response
widgets.media.sportradar.com/assets/js/ 129 KB
42 KB 81ms
81ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.react.cd04a608.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0161411eb07c7eed568cee35d72579fbcd42238678effbd461afaa6d1cdbb958

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Mon, 30 Jan 2023 08:37:25 GMT
x-served-at: Tue, 31 Jan 2023 14:00:19 GMT
etag: "c7bdd38c3252c749e884e2d30a454945"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 42582
expires: Fri, 03 Mar 2023 14:00:19 GMT

GET
H2 200 en_us.json Show response
widgets.media.sportradar.com/translations/ 107 KB
26 KB 127ms
38ms XHR
application/json 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1676556566344&h=0a85e093fc3d495c20cfc910a8752d45

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b602ec6ff3eff493e3bd0aecd0fccae4b8a85969806487cb21359b57cab85ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 16 Feb 2023 14:09:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5270400, stale-while-revalidate=604800, immutable
content-length: 26085

GET
H2 200 css Show response
widgets.media.sportradar.com/torontostar/ 37 KB
4 KB 236ms
148ms XHR
text/css 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Thu, 16 Feb 2023 14:09:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=30, stale-while-revalidate=60, immutable
accept-ranges: bytes
content-length: 4246

GET
H2 200 licensing Show response
widgets.media.sportradar.com/torontostar/ 12 KB
9 KB 262ms
175ms XHR
text/plain 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0372efae2ee2ae85f8929bb5e36cd4e7d2eef97cd131e7529e0e3f34aac5eced

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
etag: "8606f85c1665e86e1fe8930dc0c35bac"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=200, stale-while-revalidate=60, immutable
content-length: 9489

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 38ms
37ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:14 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 127 B
614 B 434ms
358ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da19b08345e4abb1c25a74171290b6a59face2beedced6568f16ffda7192e4d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:14 GMT
ETag: W/"7f-lJQy5HOcLMLnbzdsPDsvPzUAoBc"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 127
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 114ms
35ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Feb 2023 15:26:14 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 channels Show response
push.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/ 44 KB
5 KB 70ms
67ms Fetch
application/json 2a03:b0c0:3:d0::be2:3001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/channels

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::be2:3001 Colmar, France, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

23a71d4d060f464cae822c10f00446f662ac4fbff4a10b58729477204692ac22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubdomains;
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-max-age: 36000
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 channels
push.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/ Frame 0
0 26ms
26ms Preflight
text/html 2a03:b0c0:3:d0::be2:3001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/app-installs/a1d064a7-8c58-4fd2-8920-dea8602d42d3/channels

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::be2:3001 Colmar, France, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: GET,HEAD
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:14 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 23ms
22ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:22:48 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 206
x-powered-by: Express
etag: W/"2c58-On6xrYp0/du6eGARnnYHeUEyBMw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: -nVMfPTcVcKRjpxCqu6U7NtJkcCtIasN9BNUCQ8RjlIRoLfZ84iQcA==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 218ms
46ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1676906774263&plid=40392811&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%22%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10017%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1676906773941&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Mon+Feb+20+2023+15%3A26%3A14+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=47146756&u=pid%3D6d9e6f07f847353169dff5d7eed9e8f2
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:14 GMT
Cache-Control: no-cache
Last-Modified: Monday, 20-Feb-2023 15:26:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 217ms
217ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f49abcdbdbcc0056f22ba91c03102bb1302001050b832aa5d0ca47e6239a3085

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"20d4-zWvytiVwe3rU/0DQA+IsiW4iqHU"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: J-E2cTxvqoqs_t4zdfYzFzb0hje4I7e73uRahtA9j7clhHcuqTVAOQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 215ms
215ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3765bb82192e22ad1f3d00ed8b65fe682357bb27cd5e811c32166cfea4582e60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2007-x8L+ctaXzQQSRXNpEUJFK9GMFXw"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: Gmu6EXQ-pAK6aUHqO8bXAa7URvtXaQtgbn7pRiPKcINBX06SvV9wEg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 202ms
202ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3fe16d8d7a5b0018a9a5c811c32fabe3df9555f530662ee225abd70b1fb498da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1144-nLL53NJXaHL1Xa7OXIMbo/r/LnY"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: Nb6O5xd9XD8xJQ6Pbg-clnHjvpiu8GNVZ_JUH9AWaosadRKLTh6pSw==

GET
H2 200 85126143609760037280641381777055421316 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
419 B 330ms
330ms XHR
application/json 143.204.215.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/85126143609760037280641381777055421316
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-37.fra53.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-trace-id: Root=1-63f39116-3719d587465d2f966264f4a0;Sampled=0
x-amzn-requestid: 094ebf26-e6b3-462b-a6db-03c52b25c707
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: ApOboFj5oAMFRLw=
content-length: 51
x-amz-cf-id: RgXvNYpII0vYb6EjwqaRT7LJKrsy7gw-EGXk69XRlHpwncBa3JAgkw==

OPTIONS
H2 200 85126143609760037280641381777055421316
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 405ms
295ms Preflight
application/json 143.204.215.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/85126143609760037280641381777055421316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-37.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-apigw-id: ApOblG62IAMFSUg=
x-amz-cf-id: 7BHUFZIR0YJVSrUZxcli6jQ0E3Rw8sPDHDPLfUx29d6OkSsm9gazEg==
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: a0d63af0-c33f-4dc3-a456-3c2a51ff884a
x-cache: Miss from cloudfront

GET
H2 200 c1f087ffbe49c42e99ae0f0999e358d0 Show response
z737.thestar.com/plugin/plugin/ 212 KB
47 KB 23ms
22ms Script
text/javascript 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugin/plugin/c1f087ffbe49c42e99ae0f0999e358d0

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

eb4a0d9cc51a5189a71ba5f8141a073fcba163d4bd4e1bf3544d6b9b273a9fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 348656
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 47964
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Feb 2023 14:35:17 GMT
server: -
etag: c1f087ffbe49c42e99ae0f0999e358d0
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: dsDCkbZQYnsOp1k2TgozRx5FH1AJxzD0LYnVQ85LPd5nfb9vrPLXRg==
expires: Fri, 16 Feb 2024 14:35:17 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 206ms
204ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

055199e88ce9b36662e1e36983627d54bd08f60990ff6a417c17ece1baa002fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1f99-FRWH2vtN2BobatT3mKSNYhKmSE0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: e75_KiarVXBi6WHtn3Zx5ND9cNJl48A-QlX0-kseu5SrRMzxMl288w==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 6 KB
2 KB 206ms
205ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9932594dc608a24d9cf18ccb560a41fc3c9e5eb0ee0a82fe4c3be55f2fcee902

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"170a-ruig1BTfWCs/zwnPCM8uMlJGZNA"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: kIaL9-qd1-Ma1lHZCVPOzOBwe-PqqrctLz9pHD8Z1U_7A8kXm3vdww==

GET
H2 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,zG9H6c,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1... Frame E8DD 124 KB
42 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1.O/am=dAYACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4klc4MQJyPZxs7Vo3MqAmf1rSvFQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,zG9H6c,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/am=dAYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI4I0WqZ5ORXru-FoGF0RM93w10DAQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b74868aa7a67fe02d92ade2e51c6be9cd1d01c26ddb848038c13835e1ffc1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42892
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:18:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 18:17:34 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1... Frame E8DD 17 KB
7 KB 44ms
44ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1.O/am=dAYACA/d=1/exm=COQbmf,DfBslb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4klc4MQJyPZxs7Vo3MqAmf1rSvFQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc048c09a8d760da2274f28563f1733f0b12d668122d570226c35870cc939d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7309
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:18:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 18:17:55 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 38ms
38ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=4&q=0&ai=530&hp=1&kq=1&lo=0&qs=1&ak=-&i=TORONTOSTARCONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!x%5ETm_h6lf%3C8%2Bge6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx7jmP%3DKs)%5DY%23V20%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=1&vc=2&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=12&mc=0&lb=10017&la=0&ld=1200&lc=0&cw=1600&cx=1200&sh=10017&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&cm=6&f=0&j=&o=3&t=1676906773132&de=444362427768&cu=1676906773798&m=1196&ar=5072747-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&em=0&en=0&bu=311&cd=1&ah=311&am=1&re=0&wb=1&cl=0&at=0&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&gw=torontocontentstarcontent37863992&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98876&na=1214557400&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:14 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 18 KB
3 KB 207ms
204ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5c4ab39fdd9cff99823ae4a996b025f5425db6050da4781d3ea4ede12436597a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"4744-Rs/D0Bn8lKtb3id0Xg73dt6mj+A"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: lRZ0HmaV09x4eMh1HNxCPB9vf1WrudK-9bLl_F1yaLc76EqLgNTFyQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
1 KB 204ms
204ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

fe0f5e03002d8c1e5ad75eba9fd2cec353201016df01734e6f9ee55fb6117fe4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"127a-n5FWOS/ie2swNAtpQxFpmWKTmrk"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: H1Aq4li1DfGZOxvFZ5YtTIAwZu036bj3dU05bMPei_nDng-wMjNZnQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 10 KB
2 KB 210ms
208ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

eb139fa7734646663dca1f30b3c0cdf3607e97e8a87ddb598338dc73752105cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"27bd-Ql7x5rsgRquHqkXJSgiZX9rBx18"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: 10RedaEVxmDOFsYJbtbMxbPNKpIh_hJ-WSZK76P-vI1oBYiT6G43zw==

GET
H2 200 mdc.textfield.min.js Show response
z737.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 21ms
20ms Script
text/javascript 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 645530
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Feb 2023 04:07:24 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: JAgjcBB2CyeGfl_3v3HpzxC4XzXxeDxss28efrDUFkUZ38YEmFCr3g==
expires: Tue, 13 Feb 2024 04:07:24 GMT

GET
H2 200 user_agent.min.js Show response
z737.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/ 5 KB
2 KB 19ms
19ms Script
text/javascript 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/user_agent.min.js

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 21:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 928380
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1274
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Feb 2023 21:33:14 GMT
server: -
etag: 333f52c72fdc4072c6c7950dab8f54f4
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: evRBFhcgzUpWlYMIni3H_FYzppfbpZHiOG_zJxzfseng-GlEVq2xng==
expires: Fri, 09 Feb 2024 21:33:14 GMT

GET
H2 200 fe8ecf3fd8378a3d8fb0e5ad6335fd7e Show response
z737.thestar.com/plugin/library/ 303 KB
95 KB 22ms
21ms Script
text/javascript 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugin/library/fe8ecf3fd8378a3d8fb0e5ad6335fd7e

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

38350f80b554684541ab0c84d7812ea3efa1ffa64de4e623e2e87481409f07bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 348656
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 96735
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Feb 2023 14:35:18 GMT
server: -
etag: fe8ecf3fd8378a3d8fb0e5ad6335fd7e
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: YV0RV3mX8iE2FSZalWhNDNk5IqOyKGWxvUOK1pDamokSnN-Rb3WXqw==
expires: Fri, 16 Feb 2024 14:35:18 GMT

POST
H2 200 LB-Zone-2 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/724/ 3 KB
2 KB 391ms
390ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/DG/DEFAULT/rest/rpc/724/LB-Zone-2?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=5b2b6488-6d79-4ff0-a339-a6093360cdfe&overruleReferrer=&time=2023-02-20T15%3A26%3A14%2B00%3A00&ts=1676906774369

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

b7567100e20df3bc26ebb97db95e8ad419a4e87ab9e444ade798a70075ecf131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1122
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: lAK1AN8d6eHcqnb5gUaoOrM-6C_WIIcDCQGM8yen-7S-WwNJH6B3Og==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1... Frame E8DD 1 KB
780 B 33ms
33ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1.O/am=dAYACA/d=1/exm=COQbmf,DfBslb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4klc4MQJyPZxs7Vo3MqAmf1rSvFQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdfc386cb96ae30a9a30918bec2434a76440793c217beaa72eb30d43c54b5a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 715
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:18:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 18:17:55 GMT

GET
H3 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1... Frame E8DD 11 KB
4 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1.O/am=dAYACA/d=1/exm=COQbmf,DfBslb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4klc4MQJyPZxs7Vo3MqAmf1rSvFQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601d52067791cdb3d53ab7091b146b91eb96cae34a84af3d6d2bd7a439ca50e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4145
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:18:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 18:17:35 GMT

POST
H2 200 log Show response
play.google.com/ Frame E8DD 131 B
579 B 102ms
54ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Feb 2023 15:26:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
700 B 61ms
60ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

495b7c7c3765a39759131debdf44c8d98832b57b33b826c9c683087ce9f91313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 15:26:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 15:26:14 GMT

GET
H2

200

MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

54 KB
54 KB

40ms
39ms

Font
font/woff2

13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f

Protocol

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 277
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: Y3D5U1UfYJr5Ze9TE2aJwklTVgifIm5xSHzj9EVKHgYqssLSlPDc0Q==

Redirect headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf
content-length: 0
x-amz-cf-id: PIxoavNzVQ9_TcUAdeZbUxcUivbeR-af0mnqnus2alemaV1nV590kQ==

GET
H2

200

MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

55 KB
56 KB

42ms
41ms

Font
font/woff2

13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f

Protocol

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 989
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: ZKEybyqls7VeesZA8YBIC12RKsgQnStSwhvcfkF2QEIo4Mptgmnh0w==

Redirect headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf
content-length: 0
x-amz-cf-id: _N7jCWiMoM-WwVvHnkNpcIdGdIUILG0-GBbpp-Gu6JmRo8rzqh7EJA==

GET
H2

200

MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

53 KB
54 KB

46ms
46ms

Font
font/woff2

13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f

Protocol

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:09:45 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 989
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"d420-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: xcxTFu61XEBwc3P8gaeE_EdxycjJiXDy9RfJCWnBtC54oRGbIFn3gQ==

Redirect headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf
content-length: 0
x-amz-cf-id: uonNCgcoMjYhkYNdyZbSu2JTTsHR2DUXzOjr_fytu2rMu1BQF1pxjg==

GET
H2

200

TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/
Redirect Chain

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

18 KB
19 KB

35ms
35ms

Font
font/woff2

13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f

Protocol

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:09:45 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 989
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"4930-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 5FY_67-N4YoSpzKFpxIltJSqxVr2j657ivzxWC1tIM6FtysYrzBFtA==

Redirect headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf
content-length: 0
x-amz-cf-id: fYlLzwFM73e_is2Jc7C780juNl-0eCT-XfkXyU__10oDz224viUyXg==

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

36ms
36ms

Font
text/html

13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:24:15 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 119
x-powered-by: Express
etag: W/"1c8d8-1tqTFxvD1NUoc4gVj1cbN/4NG0I"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Error from cloudfront
cache-control: max-age=180
x-amz-cf-id: 8J-on0L_0hCFyvfxHBN6YMljwlEdFfH8cjXPqDFRQUJ2hOmTdD0hnA==

Redirect headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: iZiNECL583kpuRxV-gsAl0U2exo2hzMwhLEjGeVlCJQ7u8ehZPaVjg==

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame E8DD 157 B
189 B 178ms
178ms XHR
application/json 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-5984430827903877874&bl=boq_subscribewithgoogleclientserver_20230215.07_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=55575&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de09f3dfcde43c61590f150ec87757827641108ec23764a72cf5fec540aa2217

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 27ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1521367241&t=pageview&_s=1&dl=%2F&dp=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACgAIAB~&jid=1360650288&gjid=835458641&cid=874992567.1676906774&tid=UA-150212423-1&_gid=175604172.1676906774&_r=1&_slc=1&cd9=season&cd14=(not%20set)&cd2=widgets&cd3=us.common.scoreTicker&cd4=1.0&cd101=(not%20set)&cd1=1&cd6=web&cd5=en_us&cd7=sr%3Acustomer%3A6666&cd107=default&cd108=default&cd8=sr%3Ahsalias%3Atorontostar&cd110=2.0.257%3A2023-02-16T14%3A09%3A41.689Z&cd23=null&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd12=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd18=(not%20set)&cd19=(not%20set)&cd20=(not%20set)&cd24=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd103=sr%3Abookmaker%3A129&z=1047140859

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
2 KB 299ms
60ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

3e193e03a229298edf1c95f0e1ebd8f41f7e3e9c2e840e021be65c8270b31240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web4
content-length: 940
x-feeds-fv: feeds-prod-euc1-fvauto-0d8d897e361657e69
last-modified: Mon, 20 Feb 2023 15:24:35 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web4
etag: W/"c174f1f283b2fe459dd2238fe3e4bf2aefd81f00"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 734291186 738500787, 57056356 56339767
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:29:35 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 301 B
231 B 31ms
30ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: f621c1f053db4c22a038a405ad7d80460a311e6cd76d3d1e912d568411e28830

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 211ms
210ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b510010b1ea49b86ded8ad5d032d7fa3501c86b54d85b5bdd500bfb4e8897ccb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1e5e-B82vklch8mQEfTu0nt6ABkK9rlA"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: iCF8iBFbiaZA2gWroWDEG1Ev-guzgmwlABzh7JhR9WG4HvlHA51v4Q==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
2 KB 203ms
203ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

fdbba12c402117c31ae8c4ac6379ba10cc9af7d99db5a31c4e5c0d14832614af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1d91-+WEUXG0+RvoX6k4nZp1QucEgVE8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: As414SLK7dtjKi7bSjmfAzeYqdidNewk1JrO0II4Zi7oIJSEu0ilrA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 202ms
202ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a7d0b15f25fe9fa8c9719d7b2aff22e81d46597e1a0ecc27e4ae9526a4e1c61a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1009-cyqR4X375JPxPnumtqPSlRQYo4A"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 4105
x-amz-cf-id: TtzeTJXD8sgzxicJnOlK9zGXHu02sTR3Iwuh-7jO0vL_hfJp4jXYQw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
8 KB 204ms
204ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

abbc13b8fd02952a393ff9f4b725f02d43f9ebb3e7372993c8cb5316f76dc037

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1d23-rVZvhXEPNV73U2l54s++2bjyGLk"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 7459
x-amz-cf-id: I7b7D9MVSWu9PuRW5E6Jq1PfY-bhVT8xVaUf6GiVotXyV10F5qOVAQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
6 KB 207ms
207ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f280e8da515d7d7dcb000c859c68ee73dcbc326d3ac155bd8ebb77c46ab156a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1566-1q4zBEq7gpCSwFcRAc4Ahf6uloM"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 5478
x-amz-cf-id: owU-sfFMtaQ6e2kcCm3__SmVA35YphVLq6B76kvKteyBH_000nzoUA==

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v22/ 35 KB
35 KB 35ms
34ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 14:16:59 GMT
x-content-type-options: nosniff
age: 263355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35520
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:03:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 14:16:59 GMT

GET
H3 200 m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1... Frame E8DD 108 KB
36 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5HhjugxJgQ0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.oBAglCAPbis.L.B1.O/am=dAYACA/d=1/exm=COQbmf,DfBslb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4klc4MQJyPZxs7Vo3MqAmf1rSvFQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4272282ad7fed99cf21178d7f48758985ce550be0d20169fa4f5ef7d397511ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36621
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:18:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 18:17:35 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
5 KB 203ms
202ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

863517b74c54c58e9f13d52bd9d318f6cb00b20c0e0ae94f9d42b7036533e0ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"113f-AcoERFD3R/PZdgpj48+EZ8Bi0TE"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 4415
x-amz-cf-id: mrffHxK-uejmN5h66rP041BjQVzuWLO7lRUQkQRvIqFeEViawEacXw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
10 KB 203ms
203ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b56c556495a14a708f109fd9b6d7c25820cf45558f8894e5cfc44a93a3ff234d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"24df-PHk8/+fTkLKdG+2Su6Kuy/ev058"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 9439
x-amz-cf-id: vVMkJXI8MY5MhKjH2fX1anZJyJDzNI5jz9ksurmbzgPtXrMhgYqueQ==

GET
H2 200 b
engagefront.theweathernetwork.com/x/ 42 B
309 B 601ms
435ms Image
image/gif 34.120.23.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engagefront.theweathernetwork.com/x/b?data=%7B%22advertiser_org_id%22%3A%2261731269aabe2aa0d6cf5785%22%2C%22event_name%22%3A%2249695385_45a9_4217_b0c5_58934bb70a35%22%2C%22subevent%22%3A%2278386%2C79131%22%7D
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.23.120.34.bc.googleusercontent.com
Software: TornadoServer/4.2 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 google
server: TornadoServer/4.2
etag: "d5fceb6532643d0d84ffe09c40c481ecdf59e15a"
p3p: policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type: image/gif
cache-control: max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Mon, 20 Feb 2023 15:26:15 GMT

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 38ms
38ms Font
font/woff2 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/bundle.css?v=dd5d6791ec1ccb4cca0f
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:04:52 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8482
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Wed, 15 Feb 2023 19:42:22 GMT
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-18656997130"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 8j0eBNsYULXUx1llKjl2VOwyd_fDqm3DWhoOShcmPbIvnzYpQiom2w==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 17 KB
17 KB 204ms
203ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

565a965f6901f69fede67f46bd4d9f011dd562ad828cffded27e5e301a616119

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"425a-C0zmjzKFiKTwdZsLFVUxgCBI5Qc"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 16986
x-amz-cf-id: NfRW-sdGl4AeXZVCNvJnatU4onAcTYa9bJiYgRFFMgxB_AbSEa6m7g==

POST
H2 200 log Show response
play.google.com/ Frame E8DD 131 B
273 B 54ms
53ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Feb 2023 15:26:14 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 90ms
51ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:14 GMT
expires: Mon, 20 Feb 2023 15:26:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame E8DD 131 B
273 B 54ms
52ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Feb 2023 15:26:14 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 89ms
52ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:14 GMT
expires: Mon, 20 Feb 2023 15:26:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame E8DD 131 B
273 B 54ms
53ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Feb 2023 15:26:14 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 88ms
52ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:14 GMT
expires: Mon, 20 Feb 2023 15:26:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 88ms
53ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:14 GMT
expires: Mon, 20 Feb 2023 15:26:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame E8DD 131 B
273 B 54ms
54ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Feb 2023 15:26:14 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
405 B 113ms
112ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: IHoSzA0fnsA4ah5FQO6WrkfP_AofGEiFgcJztiIMPtq3NkWBqZEmXg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 204ms
203ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

19f84f9bdbfc16c725b9fdc3ad32cbda9a06297d5e60903eabbc82d04432c837

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"6b0-DtpPuSmKgPcRPnoVeRzNkw8UT8A"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1712
x-amz-cf-id: b4EZ_P21B9oXVq9wlcqg8LXF-vsErTG3TzUnZ1ydBAW_VaAxiUYGkg==

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 7 KB
4 KB 296ms
295ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/DG/DEFAULT/rest/rpc/724?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=5b2b6488-6d79-4ff0-a339-a6093360cdfe&bctempid=&overruleReferrer=&time=2023-02-20T15%3A26%3A14%2B00%3A00&ts=1676906774793

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

b19bc84da485c8ffd813448e4e9f11e54d9ed997f114e2dfe77760ac7bd253ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2681
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: j8Z1LV1tnaaGhSv1rumB1LtuRPIBs96B8tJpiEpkg5mgKpBg-EB02Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 385ms
385ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

11cd4799ee446b320ba35c403326f5d1ab97aa5637981bfb254b2efd8946445d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 169
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Lvr_k7FQ5R-cwO9U0DKuWKe216BIiYng9LX7tZVBh2nlBZt7aS1AdA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 562 B
1 KB 394ms
394ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

988dbed8ed201c622e0ed81ad0a5d050ab23ecd1abf128bcef51981a551f2e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 163
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: AxwxNaOI6-05SHk5thMu7C0bYWCkAd5TIqddoXW8xodcENFKrlGgKw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 34 KB
10 KB 393ms
393ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

d0aaaa608c3937f1807274795f3cbc7b0cec7b923a7e6df2fcd38b865c68ce61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 8869
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: ycf9z5AomPnH2b0YqBgeu6nJSU8Z3YE7mvabne8SmM2RioC4gmK3og==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 75ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/plugin/plugin/c1f087ffbe49c42e99ae0f0999e358d0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xzTHJoGoZ+dTxbqu649r5AvrPvsn2W2DCYE4JFMZ9xqwitonV5P6Cl762KHfSwoJxaGHzxasp+KfsTXbA07nuw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 121ms
120ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

9322c0592ca0d89c8d9ead55b943de67151983ce85ded021bcd9c14c3551b1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 175
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6j4HVltIHSTpxrTOmmbSiOTe5d8hEvngjoqq8MkEmFQJK4PvMCfbtg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
94 B 126ms
124ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=conversion_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3102&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=38&jsfv=nbc&ts=1676906774796&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q123_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
94 B 124ms
123ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=conversion_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3106&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=39&jsfv=nbc&ts=1676906774800&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q123_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 386ms
385ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

518ac6114d071a661ec95f44da7f3f142902b60802d7b2b8f00922e03e6d7d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 165
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: CkoonQEo18X6LjxXDdEnc_5LfFJTuP9t08Q5e7aAHe3NZsnOVam3Qg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 205ms
202ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f5f99537085a5b766bf8d03543630228ff01581857ffd2594416504f2dc6204

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"d8c-B+RP3Hj20Eo/rbl8N9JpWwOK+6c"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3468
x-amz-cf-id: RXUDWgZoUgGfhcU3ut4s2PeX5i-1Fnquaj7QlNvnlUfVc2rY0hv3hQ==

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
858 B 116ms
113ms Script
text/javascript 34.226.39.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=5b2b6488-6d79-4ff0-a339-a6093360cdfe&&callback=bc_json726

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.226.39.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-39-112.compute-1.amazonaws.com

Software

- /

Resource Hash

1e87c64fc5019f2989d0e3fa2dd5eafbe89fa0a95823f8ab35628f6f205100d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
3 KB 113ms
112ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

8c5ecae7f2e27227c9b2af698aaef296246fde5c5c56f599bbf3aee4f392b3fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"a32-gIVJDdgvbOWslqXbJhx5rJBQCZw"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2610
x-amz-cf-id: SiU9LJYKUrpQpyX6mI7PGwc_8JOHrWwitAaNZ-M-fMojDAP17e2SEg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 854 B
1 KB 113ms
113ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

02d9333b0e649c992fd0807897da2f2e8ada8428dcf8e98156d932af38e098c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"356-sqwoMZP5lnHF3Gg7LGKIPbjV07g"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 854
x-amz-cf-id: ei-A4h6o15GrX2LtPCzNsPleO2hOFDJeselwAh_2Yhhd_BWVZhXATw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
3 KB 113ms
113ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4ac2e2b7b619edf1b495ffc37e37a82e1703e06de617cf94672c18be0b311c6d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"a00-JrNMQu15e4ToMgLF4LuIV5sTK2g"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2560
x-amz-cf-id: tz5Ck54iwe_fhwazzgBByDTWNrrmYt6FeADZIyem1oZ2KihdsGFShw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
3 KB 203ms
202ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

935e8953170520efd41c017d11cc192256d0975b9ddc0716397e5707fad32d00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"a32-yhnvHdFcDmuhEkeYzdoZHuY7v4I"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2610
x-amz-cf-id: mFOhVtoMX9B8N04tTKaF-v_d64J-DJXUneE-DPdhbD2epwltB7lPFQ==

GET
H2 200 94839 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 34ms
33ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/94839

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

3852fad8e968c198e6803457985ec180654856ede3604b5ac1efa27a43f2b147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
xip: 116.179.33.210
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-wbxwrnrz
content-length: 731
x-feeds-fv: feeds-prod-euc1-fvauto-0ee042706aea90f00
last-modified: Mon, 20 Feb 2023 14:37:50 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web08
etag: W/"6e4803d84afc49a9a951bfb156c313e8d1c818f1"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3598
x-varnish: 909087492 904328634, 511261269 656494623
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:37:50 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 122ms
122ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3190&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=40&jsfv=nbc&ts=1676906774884&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=3189&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F02%2F19%2Fthree-teenage-girls-and-gunman-dead-in-texas-shooting.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2F2023%2F02%2F19%2Fuk-police-find-body-in-case-that-led-to-social-media-circus.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F02%2F19%2Ftom-sizemore-61-in-critical-condition-after-brain-aneurysm.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F02%2F20%2Ftrump-absent-as-iowa-2024-gop-caucus-train-begins-to-roll.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F02%2F19%2Fnew-street-drug-surfaces-threatening-to-make-californias-overdose-crisis-worse.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F02%2F19%2Fblackhawks-c-toews-dealing-with-long-covid-19-symptoms.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 94839 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 2 MB
200 KB 108ms
108ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/94839

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

5d99fd49ddd01b44f8e57941e044ed69dab805865df165054797516b813397f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-cwsitukj
content-length: 203759
x-feeds-fv: feeds-prod-euc1-fvauto-0ee042706aea90f00
last-modified: Mon, 20 Feb 2023 15:26:05 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web14
etag: W/"d761e41c7f58163f21504f94085e21ac83f2b0f5"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=18
x-varnish: 733901543 733213061, 646707423 182251944
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:26:25 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 65ms
65ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

cc5a99f6eb6996f777068faee5526cea00697fc3e6a2da178facc40ff050899f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:14 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ldtjwkwc
content-length: 602
x-feeds-fv: feeds-prod-euc1-fvauto-06cdb1b356741e6b3
last-modified: Mon, 20 Feb 2023 15:23:45 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web01
etag: W/"c6af32a2afe99908c64392a5f7cfb43c85135401"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 95087295 99788020, 33624739 34120373
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:28:45 GMT

GET
H2 200 549886031832745 Show response
connect.facebook.net/signals/config/ 512 KB
149 KB 271ms
271ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e82078e20d20460f1fe9128519500e011cd7a863223d4962994af2a6cfee75a4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Feb 2023 15:26:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: e0a46lUk3AL69t2udvNiQmpiBVRI1Ev0lGWG9/4313jMi/lqWRXG66eTW4zX2rfN2rpdTSmx8dM1nkdlWIXZPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
33 B 74ms
74ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:14 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 mallick.jpg
images.thestar.com/F8nLppX8CKrF2E9vLuX9hRBfdaA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/02/20/toronto-used-to-be-unfriendly-so... 30 KB
31 KB 37ms
36ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/F8nLppX8CKrF2E9vLuX9hRBfdaA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/02/20/toronto-used-to-be-unfriendly-somethings-changed/mallick.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7a3ee8afd08481eb3023cf7b0c38150be12a2f04dac46e688e232b2089fb0081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:02:46 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 12208
etag: "3d35c832d3f2a2a2976f6a52b36184fd6ca985bf"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 31008
x-amz-cf-id: fVdf4nHIpH55CFPTlDH5JSb9nHeN6GIMtw8Z-L99sER_U1EEXeGArw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 142ms
142ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3266&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=45&jsfv=nbc&ts=1676906774960&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=3265&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F02%2F20%2Ftoronto-used-to-be-unfriendly-somethings-changed.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2023%2F02%2F19%2Ftravel-plans-your-tax-return-what-you-need-to-worry-about-as-federal-workers-take-strike-votes.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2023%2F02%2F18%2Frcmp-discontinues-search-for-foreign-object-downed-over-yukon.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2023%2F02%2F18%2Fchinese-consulate-general-says-report-could-damage-chinas-relationship-with-canada.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F02%2F15%2Fdoug-ford-should-demand-caroline-mulroneys-resignation.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2023%2F02%2F17%2Fdoug-ford-abandoned-ottawas-residents-emergencies-act-report-finds.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 20230217160216-5a2f75ccffc2fcec654cd0fec0fef71ebc38e91b9dfcfe307d81562161958a03.jpg
images.thestar.com/FWF4afNR0ZUgaHzUjtB7iqYhVRI=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/02/20/extreme-drought-makes-cattle-farmers-thin-herds-co... 93 KB
93 KB 33ms
32ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/FWF4afNR0ZUgaHzUjtB7iqYhVRI=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/02/20/extreme-drought-makes-cattle-farmers-thin-herds-could-cause-future-supply-problems/20230217160216-5a2f75ccffc2fcec654cd0fec0fef71ebc38e91b9dfcfe307d81562161958a03.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6a23cc9b24c807108d12f433bba3bdb6bebba90c669d6739efd41528fd5008f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 09:10:48 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 22526
etag: "b1afb9b2a949aa2b6dba8495fa90c13581b77a84"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 95100
x-amz-cf-id: UdRBGPxjCy0J9Wg_yL9N-po2kOuBn9AjZ7MF7IDTpNzjHi7dcNXFzw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 122ms
121ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3275&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=48&jsfv=nbc&ts=1676906774969&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=3274&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2F2023%2F02%2F18%2Flegal-pot-sales-have-been-a-failure-in-canada-heres-why.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2023%2F02%2F20%2Fextreme-drought-makes-cattle-farmers-thin-herds-could-cause-future-supply-problems.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2023%2F02%2F19%2Fmeta-launches-subscription-service-for-facebook-and-instagram.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2023%2F02%2F20%2Ffunding-woes-inspire-25000-pitching-competition-for-black-entrepreneurs.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 122ms
122ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3282&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=51&jsfv=nbc&ts=1676906774976&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=3281&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2F2023%2F02%2F19%2Feugene-levy-is-the-reluctant-traveler-but-hes-working-on-it-from-south-africa-to-japan.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2F2023%2F02%2F20%2Feugene-levy-goes-walkabout-on-the-reluctant-traveler-and-netflix-explores-the-murdaugh-murders.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2023%2F02%2F16%2Fjohn-torys-family-has-long-been-toronto-high-society-is-it-time-for-the-citys-old-guard-to-move-aside.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 102339 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 8 KB
3 KB 112ms
112ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/102339

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

16f4d4a020170b77143cbd0a533cbb47ddaf54605165b8702d4cdaf42497e988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-qryhirqv
content-length: 2023
x-feeds-fv: feeds-prod-euc1-fvauto-0df50589d2c962bd1
last-modified: Mon, 20 Feb 2023 15:26:08 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web07
etag: W/"823984ddb5a423043ea357b4424f0c04522684a0"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
x-varnish: 738336122 733420474, 684604167 683847914
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:26:28 GMT

GET
H2 200 cannabis_canada_legal.jpg
images.thestar.com/BjobvhCaLxaruCDuPyGqd573Fx8=/0x0:1071x714/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/02/18/legal-pot-sales-have-been-a-f... 45 KB
45 KB 35ms
34ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/BjobvhCaLxaruCDuPyGqd573Fx8=/0x0:1071x714/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/02/18/legal-pot-sales-have-been-a-failure-in-canada-heres-why/cannabis_canada_legal.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e333b50007da5ec153923701373c90e3ff9cf4138a13e1c4e786317209586a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 15:22:32 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 173023
etag: "72ca468d538760f8c6f9e6de1b107a434b7889d5"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 45928
x-amz-cf-id: cytpWtnBGKoP2IRBb65CbZR5zRB3r_Sbiz3BZEBKPrrN2IMT6Ptz-Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 207ms
204ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d36c54decc5cf54aca6c0fcb9f52843c1b20d2a9d83946ebb82edc8f0ca0e577

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"d78-K+mLPYd+1nV/TkmijCGBocZGTTw"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3448
x-amz-cf-id: oBTLsd1BZ2NJ1kcXUVbDZI7uF4YSJwjUuORjZ_drGfgsVusZ6nwxgQ==

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 129ms
128ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3303&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=54&jsfv=nbc&ts=1676906774998&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=3301&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F02%2F20%2Fwhat-can-be-done-about-my-sons-ugly-tattoo-ask-lisi.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fanalysis%2F2023%2F02%2F16%2Fi-see-the-fleetingness-of-life-why-a-growing-number-of-women-are-opting-out-of-the-workforce-mostly-on-their-own-terms.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftogether%2Fquiz%2F2023%2F02%2F19%2Fquiz-time-toronto-is-full-of-wild-trivia-heres-10-questions-as-proof.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 122ms
122ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3352&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=57&jsfv=nbc&ts=1676906775046&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=3351&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F02%2F20%2Fwhat-can-be-done-about-my-sons-ugly-tattoo-ask-lisi.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2023%2F02%2F19%2Ftoronto-police-looking-for-suspect-after-man-pushed-onto-subway-tracks-at-bloor-yonge-station.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fcontributors%2F2023%2F02%2F17%2Fthe-john-tory-affair-is-a-37-year-age-gap-a-breach-too-far.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2F2023%2F02%2F18%2Flegal-pot-sales-have-been-a-failure-in-canada-heres-why.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F02%2F15%2Fdoug-ford-should-demand-caroline-mulroneys-resignation.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F02%2F20%2Ftoronto-used-to-be-unfriendly-somethings-changed.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 default Show response
www.thestar.com/api/overlaydatarule/ 73 KB
13 KB 22ms
21ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/default

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f18723aa0ef508f5ea3884ec43e65d59254bc5054bf748ebe6876d5c0a38087a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:22:49 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 206
x-powered-by: Express
etag: W/"12567-f7FiuHHN+Q/vilsxYiZIp7mvTr4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: lCb1NbXhQct4o6_vzv-P_o2G_bVKotm1Odj6GbbILI88EQJVVI_AwA==

GET
H2 200 pics0010.jpg
images.thestar.com/DOYuJe8VuUI1GRG4796zWFboyzA=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/02/20/what-can-be-done-about-my-sons-ug... 3 KB
3 KB 35ms
33ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/DOYuJe8VuUI1GRG4796zWFboyzA=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/02/20/what-can-be-done-about-my-sons-ugly-tattoo-ask-lisi/pics0010.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b9be933f76eee1c4bfe2b9a0e6719b32a5bdce5a4bc15601aea168e20e13a30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 11:42:31 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 13424
etag: "d4fde0e7a94d0b737ef7310328fc04c557ca9eb4"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2930
x-amz-cf-id: aNK0aAMkxtUu0eRr2U1TtlmtsL4y9vjJeXX2S6wj_4r4WbrCLx108w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ttc.jpg
images.thestar.com/vaDwtObKb42TtpjwtTZUyNpIIpA=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/02/19/toronto-police-looking-for-suspect-after-man-pushe... 2 KB
3 KB 36ms
34ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/vaDwtObKb42TtpjwtTZUyNpIIpA=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/02/19/toronto-police-looking-for-suspect-after-man-pushed-onto-subway-tracks-at-bloor-yonge-station/ttc.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fb0faeeadca67d5d46c1e8a6b1d6d098c293b5108d4e27157b46041bb2937f70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 23:02:48 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 59007
etag: "65fcfaf0931d78506d054cbb5de23190f2a033e0"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2366
x-amz-cf-id: DMLT5t-_CD89RhAnfYJAl0vVCeJ_1N75AjlaH27gdMz3-1COaKbgXQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _2cary_grant_and_audrey_hepburn_in_charade_2.jpg
images.thestar.com/Jdz4dr7AgdLRrofthQ0qPLjRi9k=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/contributors/2023/02/17/the-john-tory-affair-is-a-37-year-age-... 3 KB
3 KB 35ms
32ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Jdz4dr7AgdLRrofthQ0qPLjRi9k=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/contributors/2023/02/17/the-john-tory-affair-is-a-37-year-age-gap-a-breach-too-far/_2cary_grant_and_audrey_hepburn_in_charade_2.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0214bccff291b8c70f435deec7aade49bfe426094de9c2a6308c0ef04e491db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:27:45 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 259110
etag: "1ad42cf0bb5fe5f4007268d8d02d4a2f7de196e8"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2722
x-amz-cf-id: SS9VjvM_AP_aiNfDChTUuBc2YPuclxXi3Hag8H-0qTIvNyQ4W2CnAw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cannabis_canada_legal.jpg
images.thestar.com/xI3WJyV4OZapSDQGiTSf_mIJZ4o=/0x0:1071x714/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/02/18/legal-pot-sales-have-been-a-f... 4 KB
4 KB 35ms
33ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/xI3WJyV4OZapSDQGiTSf_mIJZ4o=/0x0:1071x714/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/02/18/legal-pot-sales-have-been-a-failure-in-canada-heres-why/cannabis_canada_legal.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b55ef71df76bafc413dcf3aea75d1e2a0ce02e2d1a935beea85eaeb83948da04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 15:22:33 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 173022
etag: "f0240cf31c9dd68a0c9dfbe05ab99de98166dd59"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 3818
x-amz-cf-id: 94YSFFMDwHMyzzjAollp548tEuOK5Z6GV8DUcF2ixlq8sZ1sObMAGQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 caroline_mulroney.jpg
images.thestar.com/Fa3rggAYVfxwxSTwE17xNEe8tuk=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/02/15/doug-ford-should-de... 2 KB
3 KB 34ms
33ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Fa3rggAYVfxwxSTwE17xNEe8tuk=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/02/15/doug-ford-should-demand-caroline-mulroneys-resignation/caroline_mulroney.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dc0242ae1e673795bd1b4e4c517f75adf1d567211413f530f77a701c7abfd121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:46:50 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 347965
etag: "079c34ebd9f656bedc2b8beaf4757ea80e48eafb"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2378
x-amz-cf-id: pb_f0k3GqEKKpbnhy8ch2ACn4QVC-exEu6fvKqmDHw-30Kf8v4wbFA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mallick.jpg
images.thestar.com/rwzDS9caBQ1nFGFk4v02r-3FwB8=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/02/20/toronto-used-to-be-unfriendly-so... 2 KB
3 KB 32ms
31ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/rwzDS9caBQ1nFGFk4v02r-3FwB8=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/02/20/toronto-used-to-be-unfriendly-somethings-changed/mallick.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ede3e98685145df9db9bdd8b856461821b44edacc722c15e7c8ee3a4dd05c951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:13:11 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 11584
etag: "1f8094e274f5160413bf4b4209c3ba815ae68d6c"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2514
x-amz-cf-id: 9DEvFtoTngS9BFKLumjUkDSvwoWsDjoyNF2uzmPNyDKfLvtadohI_w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 191ms
190ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3385&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=63&jsfv=nbc&ts=1676906775080&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=3385&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2F2023%2F02%2F19%2Fjays-manager-john-schneider-performs-heimlich-to-save-choking-woman-in-dunedin.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2F2023%2F02%2F18%2Fmaple-leafs-have-followed-the-blackhawks-franchise-building-blueprint-heres-why-it-hasnt-paid-off-so-far.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2F2023%2F02%2F19%2Fpatrick-kane-shows-leafs-hes-still-more-than-able-with-hat-trick-in-blackhawks-win.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fgolf%2F2023%2F02%2F19%2Frahm-holds-on-to-win-at-riviera-and-return-to-no-1-in-world.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsports-betting%2F2023%2F02%2F19%2Frybakina-vs-andreescu-dubai-tennis-championships-picks-and-odds-fade-struggling-canadian.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fcurling%2F2023%2F02%2F20%2Fwild-cards-a-wild-ride-to-canadian-womens-curling-championship.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2F2023%2F02%2F19%2Fbulldog-hanover-is-harness-racings-first-unanimous-top-pick.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2F2023%2F02%2F19%2Fmac-mcclung-now-the-nba-dunk-champ-wasnt-an-unknown.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 72 KB
13 KB 21ms
21ms XHR
application/json 13.32.27.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=0edf3087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-112.fra56.r.cloudfront.net

Software

Apache/2.4.55 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

de3c9164ec8353fcd5566e0bf8ea17f9f5b6ccf5d0993331231d6ed3e7f38495

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:22:49 GMT
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Apache/2.4.55 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 206
x-powered-by: Express
etag: W/"11e56-cw6BWKSXTssi49Bq6efG9ryhL7w"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: raRd06sTuSorEL__VLOWspvYatCl5owd1D15mth73XAY5_OX0KifxA==

GET
H2 200 34543759 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
775 B 64ms
63ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543759

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

983830d076f076a85f8957a9b30e0f8ab9efe74740300b2dcb7e196902b7d15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-gwkqtxwz
content-length: 123
x-feeds-fv: feeds-prod-euc1-fvauto-0265fda0d07cae673
last-modified: Mon, 20 Feb 2023 15:04:48 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web16
etag: W/"3151b1716984bf7f69088664291a862585629c9d"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 907537124 910833247, 60192444 120866868
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 18:04:48 GMT

GET
H2

200

34543759 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543759
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543759

955 B
998 B

68ms
67ms

XHR
application/json

2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543759

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

fbfcc9adfd57d9b82f693afbfd7de72b3ffec2c3e3616e5005986f69ff1c1225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-xcvoyzca
content-length: 346
x-feeds-fv: feeds-prod-euc1-fvauto-0df50589d2c962bd1
last-modified: Mon, 20 Feb 2023 15:06:39 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web09
etag: W/"006ac8140e78eef083c421849cf49482c58c0224"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10796
x-varnish: 91254074 99353839, 255724161 154391620
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 18:06:39 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-qryhirqv
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0ccd30d15d5299ea5
x-sbe: feeds_web07
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543759
x-varnish: 95763447 97760668, 312470729
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543761 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
786 B 44ms
43ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543761

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

1017e728ebf289976c62b32e2dcea733c24cfb1dbf3a981684794053cf7138d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2a02:8388:19c7:6f00:48d0:aa1c:ccf6:abc1
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web2
content-length: 123
x-feeds-fv: feeds-prod-euc1-fvauto-04588da7c229f5c05
last-modified: Mon, 20 Feb 2023 13:42:43 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web2
etag: W/"0a30acc72b621c125729092e86b161b7f2425e66"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 724515983 723144822, 36005640 38805508
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 16:42:43 GMT

GET
H2

200

34543761 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543761
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543761

953 B
1004 B

35ms
35ms

XHR
application/json

2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543761

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

6cee237405198c5d2bfbb3023724666c7472435ba9d7d46f1cba226237adbc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:871:257:81c1:7cba:6da5:c8e6:4243
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web3
content-length: 347
x-feeds-fv: feeds-prod-euc1-fvauto-06cdb1b356741e6b3
last-modified: Mon, 20 Feb 2023 13:42:17 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh5_web3
etag: W/"2609b8b3389272cfd96f6096490b89f1e70268cf"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 692441589 689726787, 1507941
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 16:42:17 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-dergvdbg
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0e6c582f898210710
x-sbe: feeds_web02
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543761
x-varnish: 89659947 90185068, 45745563
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543765 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 2 KB
1 KB 69ms
69ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543765

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

55e49278f5d363c5bcb8f4e3377b58e7bc6afafd407a7acdd2b9e4b8b35f49ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar08
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web6
content-length: 542
x-feeds-fv: feeds-prod-euc1-fvauto-0ccd30d15d5299ea5
last-modified: Mon, 20 Feb 2023 15:25:50 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra4
etag: W/"01c6d327ce699fcb9d1ef0b9c7ec2c300c31c8a7"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=59
x-varnish: 1033367791 1036486881, 680616943 684237566
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:26:50 GMT

GET
H2

200

34543765 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543765
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543765

953 B
991 B

70ms
70ms

XHR
application/json

2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543765

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

290f6ad57a5d930c6ab219c2b10de2df03c22556dfe8c1e2d5dfe5a4b644231b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web1
content-length: 336
x-feeds-fv: feeds-prod-euc1-fvauto-0ee042706aea90f00
last-modified: Mon, 20 Feb 2023 15:21:52 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh5_web1
etag: W/"9e963f1b354b74a0471859669464eb6b90832d39"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 95570226 96256388, 660237868 355514037
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:26:52 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ldtjwkwc
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0ccd30d15d5299ea5
x-sbe: feeds_web01
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543765
x-varnish: 701131326 705833300, 683460977 682932923
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543763 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 2 KB
1 KB 68ms
67ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543763

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

11786b4b7573936aa09d9e7362f88d5adfe4efaceb81157a799c200234e9649e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web2
content-length: 539
x-feeds-fv: feeds-prod-euc1-fvauto-0eb16bc43a6f69281
last-modified: Mon, 20 Feb 2023 15:25:29 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh5_web2
etag: W/"f27f54046ec71d666a53bc47046a76628e9b88b1"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=57
x-varnish: 701946413 673862070, 236840241 693183452
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:26:29 GMT

GET
H2

200

34543763 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543763
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543763

951 B
986 B

82ms
82ms

XHR
application/json

2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543763

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

907ba9fed2109d0304208952fd6adedd13ada40038571177d774347485e5683f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-cwsitukj
content-length: 335
x-feeds-fv: feeds-prod-euc1-fvauto-07fe4dba79a4cf897
last-modified: Mon, 20 Feb 2023 15:23:51 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web14
etag: W/"b2f00e6e32392b722873deb0b230d5c2c0e60bf1"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 97434496 96977362, 142986545 718003230
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:28:51 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar06
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-qryhirqv
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0ccd30d15d5299ea5
x-sbe: feeds_web07
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543763
x-varnish: 8634122 7565538, 686327274 683950220
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543769 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 2 KB
1 KB 68ms
68ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543769

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

1bb68666c895cbf2519306a8357591db7116b2044c5ed296750425a0cbf36681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ldtjwkwc
content-length: 538
x-feeds-fv: feeds-prod-euc1-fvauto-0df50589d2c962bd1
last-modified: Mon, 20 Feb 2023 15:25:18 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web01
etag: W/"50e6da4eb63c4c74b696ceecc989c8593820369b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=57
x-varnish: 61588255, 684894518 685935521
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:26:18 GMT

GET
H2

200

34543769 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543769
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543769

951 B
990 B

74ms
74ms

XHR
application/json

2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543769

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

1fa5239070034c111365ad67e9049e5c8f44228f88432bb287f19834fcd42a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web2
content-length: 338
x-feeds-fv: feeds-prod-euc1-fvauto-0e6c582f898210710
last-modified: Mon, 20 Feb 2023 15:26:08 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web2
etag: W/"b9906dd29a499ea6e111c3ecd10c06e67bd5b68e"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 90707486 61427542, 39843030 44641504
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:31:08 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar06
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web3
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0265fda0d07cae673
x-sbe: feeds_zrh5_web3
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543769
x-varnish: 1058764361 7298471, 121689157 124712549
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543767 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 2 KB
1 KB 94ms
94ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543767

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

694aa20101c2b95753afb19f93dcc0816acb00bfd7fba802a6880ffa6bad2668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar08
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-hfhmiray
content-length: 543
x-feeds-fv: feeds-prod-euc1-fvauto-0ee042706aea90f00
last-modified: Mon, 20 Feb 2023 15:26:02 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web06
etag: W/"2534eb17e77ecfdf095254c526efd15ab97618f0"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=59
x-varnish: 1034478052 1040125850, 7254292 663209423
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:27:02 GMT

GET
H2

200

34543767 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543767
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543767

951 B
990 B

67ms
67ms

XHR
application/json

2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543767

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

d4d2499128d80aaf4ecfc5591f4ca52a40582b33357538097ab37e927a1a327d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar06
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-qryhirqv
content-length: 346
x-feeds-fv: feeds-prod-euc1-fvauto-0ccd30d15d5299ea5
last-modified: Mon, 20 Feb 2023 15:24:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web07
etag: W/"ce4c19baa6994009d78744a83f5ff64e9df1f993"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 13441207, 685417627 682224972
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:29:11 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-iyofnzoo
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0b8cd4d129110bce1
x-sbe: feeds_web15
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543767
x-varnish: 94231431 94168763, 642707293 252789855
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/ 12 KB
5 KB 35ms
34ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32dafb333f0a3c6d08491b81344921ac813229b0454f985c9f839dae5d2a3e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:45 GMT
x-amz-version-id: XJx8rH2YOIZ5ncZyT4GsFwlnf9llhp.Y
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"07f7970640ef8046f53b06e2171c075c"
age: 3211
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: bz9wFik1Hl86-xjMkPih-TznlTABjjRL9UxN7VaiSmNNh8s2ZQDufw==

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 7 KB
4 KB 406ms
406ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

e5c48a6bc8f90e3869f76bf2f1b162f82fa09cc200cb63d724dfbf142b94ff4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2681
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: VvOC9lo8JmFuGYJhBs-65PZBu0S6Fs4YOGynBzVUXm8-kypB_c2rIQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 34543759 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 66ms
66ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34543759

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

8672c38e460541eccfdbdb370f8d2588acfff4ecb85be0e982616a4237ff52e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web6
content-length: 1978
x-feeds-fv: feeds-prod-euc1-fvauto-0b93d9dd02e7d48a2
last-modified: Mon, 20 Feb 2023 15:04:17 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra4
etag: W/"5efcbb95208aed5ca2b5617d43fee84d4d087521"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 91224749, 291393372 686908423
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 18:04:17 GMT

GET
H2 200 34543761 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 37ms
37ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34543761

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

3cc2ef86bf2df52f2d5791cbf2c845535937f48f93d6caee4af477a4f78c3af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:871:257:81c1:7cba:6da5:c8e6:4243
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web5
content-length: 1983
x-feeds-fv: feeds-prod-euc1-fvauto-0ee042706aea90f00
last-modified: Mon, 20 Feb 2023 13:43:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra3
etag: W/"d851de000f5934ad715da08e21728914d868a58b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 88834461 87629729, 653270309 585585122
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 16:43:11 GMT

GET
H2 200 34543765 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 74ms
73ms XHR
application/json 2a02:26f0:dc::6853:429
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34543765

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:429 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

4cf27024dca8633f9f6ca04ced2a6349697135916fdb8b9d74d9d121489c24de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
xip: 2001:1b60:2:240:3247::10
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-gwkqtxwz
content-length: 1706
x-feeds-fv: feeds-prod-euc1-fvauto-0ea4bc0a8bdbf0e61
last-modified: Mon, 20 Feb 2023 15:23:20 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web16
etag: W/"11b2b08e752f63a125a139af5fa046d0f2bb95e8"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=839
x-varnish: 913976093 909599380, 689013323 687452642
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 20 Feb 2023 15:38:20 GMT

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 396ms
395ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

87b3e9965e9b9ad4b40a8a0275c2eee49acb5445dd12f6540bdf76be00860b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: IXQSFT_3QNQmsI0--vvlwKzS87X-klJOp8p3CqBAE5KXs_OiW2Dnwg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 111ms
110ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

f714284844d7394bfc3eff967532a4513a2d020e8c5bc166d5b0a5067389d648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: YaFwjgQbtM4DA0Fujy_sYRNxoMGjZax1Oo_OlEi3hV9K6cGw8jpT1g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 293ms
293ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

c58f8e5936475ccc1652431fb9490a3fc58a0aa7971f527e9fc9b5f5fdde7a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: eBAYR7CgTbvdyr1G_RT71fMgovsMgYzNLT6YU22cTV28_j6OXGodNA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 toaster_v3.css
z737.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/ 1 KB
1016 B 19ms
18ms Stylesheet
text/css 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z737.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/toaster_v3.css

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/plugin/plugin/c1f087ffbe49c42e99ae0f0999e358d0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 11946409
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 485
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Oct 2022 08:59:26 GMT
server: -
etag: c6066030d2b28fbf58f4c7c3d8e5b9b0
content-type: text/css; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: IT5DKM_ebCS6l-r5UX3k1ziI6OH7y2iY3klvX5EMV9xs-_HwmsmDew==
expires: Thu, 05 Oct 2023 08:59:26 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 121ms
121ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3603&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=65&jsfv=nbc&ts=1676906775298&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=3603&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F02%2F14%2Ffather-seemed-agitated-ahead-of-girls-murders-grandmother-tells-quebec-inquiry.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F02%2F19%2Fthree-ev-myths-debunked-why-electric-vehicles-really-are-cleaner-than-gas-burning-cars.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F02%2F19%2Fjury-finds-quebec-man-guilty-in-abduction-extortion-of-ny-couple-in-september-2020.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F02%2F18%2Fontario-man-arrested-charged-with-first-degree-murder-in-death-of-grandmother-opp.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F02%2F15%2Fless-skating-but-maybe-more-algae-four-downsides-of-our-weirdly-warm-winter.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F02%2F16%2Ftwo-dead-one-injured-after-avalanche-hits-group-of-snowboarders-and-a-skier-in-bc.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F02%2F15%2Fyoung-hockey-player-charged-with-assault-after-stick-swinging-injury-in-halifax.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 2023021412028-203d0cf0c79a36afa988f0426370d671ffcf4e51f4169cda3f4dabdc861ac625.jpg
images.thestar.com/M66H6bvK6KtpGaOTS8ScdRFbaDw=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/02/14/father-seemed-agitated-ahead-of-girls-murders-g... 44 KB
44 KB 33ms
33ms Image
image/webp 13.32.110.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/M66H6bvK6KtpGaOTS8ScdRFbaDw=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/02/14/father-seemed-agitated-ahead-of-girls-murders-grandmother-tells-quebec-inquiry/2023021412028-203d0cf0c79a36afa988f0426370d671ffcf4e51f4169cda3f4dabdc861ac625.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-88.vie50.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 65cdeb8c2e4409c5fa39f01bbc43a9b3402eba097e9dd59dc109435ad3743ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 10:55:16 GMT
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: VIE50-C2
age: 102658
etag: "5693aa149b6bf371e944c8148fa6e1758383e73f"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 44710
x-amz-cf-id: I8lA6s8cEJdFUZaAp2_8cBgS966-tDp-5pB7WHs68IxcIn7dwudKTg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 RC5e3aa078185a404a90c26089a206fc93-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/ 1 KB
1 KB 33ms
33ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/RC5e3aa078185a404a90c26089a206fc93-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 519a62ab9306f4f13def7d6d6a904b266ed61d161b34c455a5067cd57f96f1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:47 GMT
x-amz-version-id: a7pOphVxrXGG3.1PYvPvDRyvgnwNQQMd
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"4123870592b2a1b4989c3f90b32403d2"
age: 3209
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: z8QT940thAAEiXa_0xPQugU8lC3fNdJ2jBpmKYITAGkisIhRLZJZFg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 38ms
38ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=31&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=TORONTOSTARCONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!x%5ETm_h6lf%3C8%2Bge6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx7jmP%3DKs)%5DY%23V20%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=2&vc=2&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=12&mc=12&lb=10714&la=1200&ld=1200&lc=1200&cw=1600&cx=1200&sh=10017&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&cm=6&f=0&j=&o=3&t=1676906773132&de=444362427768&cu=1676906773798&m=2210&ar=5072747-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=1401&cd=311&ah=1401&am=311&re=0&wb=1&ai=530&cl=0&at=0&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&gw=torontocontentstarcontent37863992&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98876&na=1644923386&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:15 GMT

GET
H2 200 close.png
z737.thestar.com/rest/dialogues/files/196f0b70-9f50-49c7-8e23-29ba76b99342/ 225 B
729 B 19ms
19ms Image
image/png 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z737.thestar.com/rest/dialogues/files/196f0b70-9f50-49c7-8e23-29ba76b99342/close.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

a52376c24089ca091a0bcaeed02d6d76a0437da4920649c73168185167180399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:00:02 GMT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
age: 6549973
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 225
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Dec 2022 20:00:02 GMT
server: -
etag: 78c046295f4be9f49abee490a3f879b8
content-type: image/png
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8hUIcnF86VYCmtbqu8fppmVhYsuK0Slz5Jw0pM0VLFGwynw_n7PKwQ==
expires: Wed, 06 Dec 2023 20:00:02 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 914 B
900 B 144ms
56ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onCaptchaScriptLoad&render=explicit

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

113ae46ba8ba43b2f3858fb6f5f2f75fe4a88514986c92eb44df085b8370efc5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 15:26:15 GMT

GET
H2 200 3683.png
img.sportradar.com/ls/crest/medium/ 7 KB
8 KB 349ms
65ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3683.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1dd7"
content-type: image/png
x-varnish: 334561227 335297999
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7639
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3698.png
img.sportradar.com/ls/crest/medium/ 10 KB
10 KB 343ms
60ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3698.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fa94fbaa578830445a67c013ef7c5fa47cd7a5e7ae96da6acef038ed86629e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Fri, 15 Oct 2021 14:50:01 GMT
x-srv: fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server: nginx
x-sbe: logos_prod_web2
etag: "61699519-27cc"
content-type: image/png
x-varnish: 44462703 44095233
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10188
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 794340.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 298ms
33ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/794340.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Thu, 23 Sep 2021 14:22:12 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "614c8d94-1299"
content-type: image/png
x-varnish: 44753648 44600031
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4761
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3696.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 297ms
33ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3696.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1327"
content-type: image/png
x-varnish: 45008835 43576383
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4903
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3676.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 300ms
35ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3676.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1707"
x-varnish: 43875478 26377942
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5895
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3704.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 333ms
69ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3704.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5019e40a161c71cbf4fc8b1fc0a1809456b3cfc7fc93eadaf7b374cdb0cb9c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b9-1744"
content-type: image/png
x-varnish: 332944382 332805131
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5956
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3699.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 56ms
54ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3699.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1257"
content-type: image/png
x-varnish: 385751970 385285502
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4695
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3679.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 58ms
57ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3679.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-170f"
content-type: image/png
x-varnish: 40909043 40175448
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5903
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3700.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 71ms
70ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3700.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1788"
content-type: image/png
x-varnish: 335192542 334489630
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6024
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3677.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 71ms
71ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3677.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1b1f"
content-type: image/png
x-varnish: 41922242 41849077
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6943
expires: Tue, 21 Feb 2023 15:26:15 GMT

POST
H2 200 events Show response
pixel.thestar.com/ 0
117 B 440ms
111ms XHR
text/plain 2600:1f18:1430:9001:19d6:7df1:3355:8814
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.thestar.com/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.96&r=stable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1430:9001:19d6:7df1:3355:8814 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thestar.com
date: Mon, 20 Feb 2023 15:26:15 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 78ms
21ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1676906775389&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676906775386.452682483&eid=ob3_plugin-set_d65391a07e5ee5e3719b5cde69389144413a0fce3f90f4e86a2326fa8c0a1af9&it=1676906774914&coo=false&rqm=GET

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Feb 2023 15:26:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 RC0dc25b20a90b4585b160e266222619c3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/ 971 B
1 KB 32ms
31ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/RC0dc25b20a90b4585b160e266222619c3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c3c845c9d6c0c489076f77bebbfaba1ac41b2b05ad6dd5abb0abc9e64d427bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:48 GMT
x-amz-version-id: HTcpeMDusmlS27BnV8_XAVN53wCByECf
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 3208
etag: "8613178ff721fe1787ef3f6b14a9e32c"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 971
x-amz-cf-id: uOzUGnCww6p0BI8RaZtlrw6L28qpmi7A_jS8HLT97DhnxCIvp8xnBA==

GET
H2 200 3675.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 77ms
76ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3675.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

079e1954d6a209a39d6f85006b4059af195a1b183d84ce680d334b3f2eed7f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-18e5"
content-type: image/png
x-varnish: 43651508 43585249
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6373
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 3687.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 76ms
76ms Image
image/png 2a02:26f0:dc::6853:423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3687.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:423 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

cc2b3cbe3d04b4e1c8e633bb85993b369fb74102947a165e28dacca9072c423d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-06432b9c5549d358a
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1acb"
content-type: image/png
x-varnish: 44182737 43864724
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6859
expires: Tue, 21 Feb 2023 15:26:15 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 300ms
30ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6348-VIE

GET
H2 200 RC8a0b3800d53b41c89bcb530e531400af-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/ 2 KB
1 KB 33ms
33ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/RC8a0b3800d53b41c89bcb530e531400af-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d6e98d7c1dac35b4056950f7242822f5ec39410f02500ae6143f0934a192023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:49 GMT
x-amz-version-id: AwH.gBYTjK7mzoyuiTKECwKnVajPQ4h9
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"08b5e492e445af1d45c1576248c1d20b"
age: 3207
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Z0-sM3EJeRa4ypfGJU-lgVA2eJ9_wOK1YUGQDXA4Tf1neU1HG3moiw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 76ms
75ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6657bab9b3714f0e344b2b5b479f7ea0f172c6ac783173eae919a0df1ab0015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69256
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Feb 2023 15:26:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 61ms
60ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e83daec6130a02251e1f9adcb5b2988f32d2626c3e7a5f227ba1c3162df95cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44411
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Feb 2023 15:26:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 87ms
87ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4fd2de60b8481c96389f922d2dc242dd752caafa571b554ab37f24cac19a1e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69230
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Feb 2023 15:26:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 108ms
108ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ab2e46d4a5c942c7084d4c400660e5c048ab256310c070c8d374371c829dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44415
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Feb 2023 15:26:15 GMT

GET
H2 200 RCdd630314d8a144ce818cf865b37c1fd3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/ 1 KB
1 KB 31ms
31ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/RCdd630314d8a144ce818cf865b37c1fd3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72895d3d03d22457d48e12d87fdf9d933aa39d2edac6d0f2d5e5371a27694aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:50 GMT
x-amz-version-id: p7h_cQZfooO147.t6Z.x82grYIuS6aGI
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"6ce6f71484734ee6a984ba1045b8008d"
age: 3206
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: rc3igqJEbw9xqyDtAnpFTg7DAC1yRxWOXr__IRvTaGVoZ4mgykgCjA==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
818 B 390ms
30ms Script
application/javascript 2a02:26f0:dc:384::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:384::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5b8ac7bf8716deebf371c571dcae816105396f17f687e8b1a6b55dd1011e4718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: gzip
x-cdn: akamai
etag: "21c4f4a88717686fbe92271c3b65023b"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 579

GET
H2 200 RC336079137ceb479aab0ece6eedbf95e1-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/ 1020 B
991 B 33ms
32ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/RC336079137ceb479aab0ece6eedbf95e1-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d00308e44ab7122fbe5e999e7cea842340331c2410abc8a7b47abcad7943988e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:51 GMT
x-amz-version-id: iZz1mOoiWwuJZuj18e_FF9hkO.5.Xftl
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"3680e47656cf8c972661b30aee9d0433"
age: 3205
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: t8VMNjeCU3v8VxXT2B1QMfnQkvwFGT0Wz6xWdHeiK5jZnEZPh90BFw==

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ 408 KB
163 KB 102ms
33ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onCaptchaScriptLoad&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166784
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:58:14 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 118ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 20 Feb 2023 15:26:15 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E5FEBFEC0E54339BEDF26DEAA5407D3 Ref B: FRAEDGE2019 Ref C: 2023-02-20T15:26:15Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 RCe057394b62624c84884a89981136d531-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/ 1 KB
967 B 31ms
31ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/RCe057394b62624c84884a89981136d531-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8952ae412038692e1106de16b87d8fde129c20752304517d6d32a7c6aadff3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:51 GMT
x-amz-version-id: 3Iyt8_I4zRKJUjhQKB.1eVPnRvnTOFxZ
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"36d1e4e51141552d06ff3d47ccf0a39f"
age: 3204
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: rNXnaxQdk8Y9PM118GXPmXHVayXURM9FrVeMSIyEQLATOKtmcqG5fg==

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 390ms
390ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

5237ab4a7c36a333f6830bdbe93bd9a817407a5996032f61cc107c7c80a75cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 151
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: yP7X2Xi45hJaenB_FjxRf0R51lEdUXICH1YEVTABVudK-e3UT2Bs6w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 118ms
30ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=17684
accept-ranges: bytes
content-length: 4777

GET
H2 200 RCf39ced5c22854dc7bd6e804a34d45663-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/ 1 KB
1003 B 32ms
32ms Script
text/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/RCf39ced5c22854dc7bd6e804a34d45663-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 133e78094b79cf173838dece80d8851d12128a0dbfa40e66792d5b644e2e42be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:32:52 GMT
x-amz-version-id: iIUlTs6RKFPKaAgZcihZS.Frh4t8Ofih
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 14:31:49 GMT
server: AmazonS3
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: W/"1c0607027f3e67899128344a4c85cfa0"
age: 3204
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: tSbWHGw6VTOHd5U2G8_FftPiiVk1Cf6Uz-cjZp0IjZoPl8U8UlP51Q==

GET
H2

200

activityi;dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame 8C73
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww...

498 B
444 B

159ms
158ms

Document
text/html

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

727b7d1aa6be3039cee77a8168b1dc503825746fcddc58c61f83778c915bc18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 115ms
20ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
1 KB 114ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1676906775645&cv=11&fst=1676906775645&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&auid=120845252.1676906776&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df99bb7ecae0e07d926291f61c1443b3f7fceb84590b84334650967fbf2cd2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 922
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 13008914.js Show response
bat.bing.com/p/action/ 0
135 B 115ms
115ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 20 Feb 2023 15:26:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF476CC21AF3444986EC0C169261F738 Ref B: FRAEDGE2019 Ref C: 2023-02-20T15:26:15Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
284 B 43ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=a6f85135-d84d-407b-a516-07f60f8d814c&sid=ea5a6050b13211ed976f4f5ac0d9a4ff&vid=ea5a6340b13211ed865ef3d43781de38&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Toronto%20Star%20-%20Breaking%20News,%20Toronto%20News,%20Ontario%20News,%20Canada%20News&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=1567&evt=pageLoad&sv=1&rn=691896

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 20 Feb 2023 15:26:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F58F834EA95548858256337FA8CB1107 Ref B: FRAEDGE2019 Ref C: 2023-02-20T15:26:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/ 36 B
376 B 121ms
30ms XHR
application/json 2600:9000:2304:9e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:9e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:38:17 GMT
content-encoding: gzip
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 2878
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: o_lWIBvbfZF-22kwUZ-3S-wcA4RY-XEBeyZ-YfoUvt8YgNpo6D2YCQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1676906775695&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1676906775695%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1676906775695&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1676906775695&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQJniVU4pJTmRgAAAYZvbsYNNpTIzcCQXPeAC2lr5ivK...

0
481 B

187ms
123ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1676906775695&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQJniVU4pJTmRgAAAYZvbsYNNpTIzcCQXPeAC2lr5ivKt6xeil5ahqxPkcJiozqCR3Lq4eN3OBlPRA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 26BF5E5925BA484B97E0AEC1079F2AAF Ref B: DUS30EDGE0808 Ref C: 2023-02-20T15:26:16Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1I0i5U5U99x9cQMBiQA==

Redirect headers

date: Mon, 20 Feb 2023 15:26:15 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FEFB053D6AE44954B37F7625D2877E4C Ref B: FRAEDGE1708 Ref C: 2023-02-20T15:26:16Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1676906775695&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQJniVU4pJTmRgAAAYZvbsYNNpTIzcCQXPeAC2lr5ivKt6xeil5ahqxPkcJiozqCR3Lq4eN3OBlPRA
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1I0i1nY/FzOooOjxvoA==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 68F1 47 KB
26 KB 73ms
71ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3s5xfv5zslyy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e3ccf8c2c2b9af713ed206e0172b4879b813bbea8f4353b4bd37b3851bb9ef5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PvzSmlzN_Ny7aysDPXWeLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26364
content-security-policy: script-src 'report-sample' 'nonce-PvzSmlzN_Ny7aysDPXWeLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 276ms
195ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=fbbdb594-e987-4bec-8577-e906639f2f69&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5d2f5ec2-a0e0-489d-96ce-48850527ec2a&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 176
date: Mon, 20 Feb 2023 15:26:15 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 60a0c55e80b738f0
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: dc14b870ddcfabe6185d3cc3d6bd026bc0a8e63d8b60a35a43c16959abddb8f7
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 316ms
205ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=fbbdb594-e987-4bec-8577-e906639f2f69&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5d2f5ec2-a0e0-489d-96ce-48850527ec2a&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 186
date: Mon, 20 Feb 2023 15:26:15 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 70a2323aee98d4cd
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8658574f0a75ea0ef1aa8e9bca3d5bd44dbcc242b18c033e859172a297847fca
content-length: 43

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 166ms
113ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1676906775779&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=c8a9c2cb-dfd6-4912-a2ea-edad293693fb&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 68F1 55 KB
24 KB 33ms
33ms Stylesheet
text/css 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3s5xfv5zslyy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 08:30:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 68F1 408 KB
163 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166784
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:58:14 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1676906775645&cv=11&fst=1676905200000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3480180535&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698108511/ 42 B
154 B 60ms
59ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108511/?random=1676906775645&cv=11&fst=1676905200000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3480180535&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
1 KB 103ms
100ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1676906775907&cv=11&fst=1676906775907&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&auid=120845252.1676906776&uamb=0&uaw=0&data=event%3Dform_start&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d912b1f15a8ec1a2470ad0f6712708a3a558422b10d068b0de4b8088c0e4719a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1676906775912&cv=11&fst=1676906775912&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&auid=120845252.1676906776&uamb=0&uaw=0&data=event%3Dform_submit&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fda19a8645a29c17a87fc77eefa3a40bfc9e92a6ac74933be5d6dcae8d537a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 100B 0
49 B 23ms
23ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.thestar.com
Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:15 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 main.70c72600.js Show response
s.pinimg.com/ct/lib/ 56 KB
20 KB 31ms
30ms Script
application/javascript 2a02:26f0:dc:384::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.70c72600.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:384::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0050079bd68c7abdc5f400eaed6bc14f6c1fe15b24a8e3a0c7594afe579e1d6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "6a4e03523376b7753f555f29c7439ead"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20061

POST
H2 200 724 Show response
z737.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 112ms
111ms XHR
application/json 18.66.112.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: z737.thestar.com
URL: https://z737.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-68.fra56.r.cloudfront.net

Software

- /

Resource Hash

77ddd74b7c9977a893eb72170a06603971bcf4678b9e67630a42d5d896dff3d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 645dGEWLGdFaUAMRFLMzynKCLc_XvtgvkwqtnFltQipOlmHPdVrNOA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 68F1 102 B
134 B 57ms
57ms Other
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2789481eb03ebaaac567af091a3f7a9032d8387bab5062279694821d7c1aacc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3s5xfv5zslyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 15:26:15 GMT

GET
H2 200 dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
adservice.google.com/ddm/fls/i/ Frame AC85 497 B
644 B 176ms
73ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d60936cc54d80b305e22fbaacb80d8bec9570bdddeb7a4759fb5ed97210f2e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10230056.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
857 B 437ms
82ms XHR
application/json 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612846434758&cb=1676906776005&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.70c72600.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.4717655f.1676906776.99802b3
x-envoy-upstream-service-time: 2
content-length: 375
x-pinterest-rid: 1393550178251717
pin-unauth: dWlkPVltUXlZamMxTWpJdE9ETXlOUzAwTVRObExXRXpOR0V0WlRWak0yVXpZekptWlRnMw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 426ms
79ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2270c72600%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1676906776013

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.4717655f.1676906776.99802b6
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 7440385413126750
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 59ms
57ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1676906775912&cv=11&fst=1676905200000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dform_submit&fmt=3&is_vtc=1&random=2814776512&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/698108511/ 42 B
64 B 62ms
60ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108511/?random=1676906775912&cv=11&fst=1676905200000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dform_submit&fmt=3&is_vtc=1&random=2814776512&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame F9D9 7 KB
1 KB 66ms
63ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d942debe3a1885917790b191610647c638a1fb6305332c117b5898ce837069f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DPT6VEF7RUfoWvMClF1uPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-DPT6VEF7RUfoWvMClF1uPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1676906775907&cv=11&fst=1676905200000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dform_start&fmt=3&is_vtc=1&random=1182387364&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/698108511/ 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108511/?random=1676906775907&cv=11&fst=1676905200000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dform_start&fmt=3&is_vtc=1&random=1182387364&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame F9D9 55 KB
24 KB 33ms
33ms Stylesheet
text/css 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 08:30:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame F9D9 408 KB
163 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166784
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:58:14 GMT

GET
H2 200 dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
adservice.google.de/ddm/fls/i/ Frame 143A 194 B
515 B 179ms
67ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPy1wsW0pP0CFWEFogMd1loOxg;src=10230056;type=ret01;cat=land01;ord=671159254190;gtm=45fe32f0;auiddc=120845252.1676906776;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:16 GMT
expires: Mon, 20 Feb 2023 15:26:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame F9D9 39 KB
24 KB 96ms
95ms XHR
application/json 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e6d1a998d5c1cee3937889ffb63fff03ddb2ed05830ba548a8ef7299059ca73b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24038
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 15:26:16 GMT

POST
H2 200 s99853317926484 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LCXS/ 43 B
328 B 32ms
32ms XHR
image/gif 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LCXS/s99853317926484

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/2403a4dbc778/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 21 Feb 2023 15:26:16 GMT
server: jag
etag: 3601129881690996736-4619649073570177218
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 19 Feb 2023 15:26:16 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
464 B 198ms
91ms XHR
text/javascript 13.32.10.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=P4dOZNkmSpZIa&cb=0&ws=1600x1200&v=23.210.317&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-9%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-10%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-11%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-12%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.10.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-10-16.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
x-amz-rid: 3QX26XGWXBBWCPRGJ87D
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _ny7QjBjz1XEHR8b--7Nx3F4p_VtzXegICPcYM6iBHJfqt8cQvv6Cg==

GET
H3 200 canonical_bridge.png
www.gstatic.com/recaptcha/api2/ Frame F9D9 13 KB
13 KB 34ms
34ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_bridge.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d760244cff138c1b28b592766f9d28505e39085822fa656ba6e3fc9b7524e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 10:41:25 GMT
x-content-type-options: nosniff
age: 362691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13098
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Feb 2023 10:41:25 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame F9D9 600 B
624 B 36ms
34ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:11:03 GMT
x-content-type-options: nosniff
age: 278113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 24 Feb 2023 10:11:03 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame F9D9 530 B
554 B 37ms
35ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 01:00:41 GMT
x-content-type-options: nosniff
age: 397535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Feb 2023 01:00:41 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame F9D9 665 B
689 B 36ms
35ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:23:22 GMT
x-content-type-options: nosniff
age: 482574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 22 Feb 2023 01:23:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F9D9 15 KB
15 KB 34ms
33ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:22:37 GMT
x-content-type-options: nosniff
age: 327819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:22:37 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F9D9 15 KB
15 KB 47ms
46ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:20:14 GMT
x-content-type-options: nosniff
age: 453962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 09:20:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F9D9 15 KB
15 KB 36ms
35ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:57:56 GMT
x-content-type-options: nosniff
age: 368900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 08:57:56 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame F9D9 26 KB
26 KB 57ms
56ms Image
image/jpeg 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8U12gfWK6TVcMWLVv4Af_SakExkvw0DQJBU_9QptEVYA9Q96Lp7NWZklppQqsrYc7EmWDal-p-wnjOzBB_s4dmJ72TNpNP_E-al54VfsRfGBBTfbKVyeV4pxPMPVmoPW6roPowpZ27ZXFek9qvtUgucJCUiEray7rAfJJnNHqfXcmAHZfaCZvDflMZweFtb76wiwMdfo9KaAN2Z-yNx7u8TYn6UzA&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fff977d5d2f16e3319b9eb3248ea8a9fd35b730cffd8c2d6469bd8bcbeb03bd1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26214
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 15:26:16 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 733A 565 B
590 B 87ms
87ms Document
text/html 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.70c72600.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.4717655f.1676906776.99805df
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 20 Feb 2023 15:26:16 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6600510166101139

GET
H3 200 B24540798.279406836;sz=1x2;ord=130868833232 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 34 KB
13 KB 80ms
80ms Script
text/javascript 142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=130868833232?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

1283260f918a5502f12907cf1b6889131c24d93a566a48c2c1fce278ed519fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12920
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
39 KB 63ms
60ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbac6833414d4e1dee02c0649990e0871b6f297ac84b8d186e06e381909944a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40115
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Feb 2023 15:26:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
317 B 58ms
53ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 59ms
54ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 693 B
383 B 237ms
237ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3993792510235041&correlator=1543882015798029&eid=31072029&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fif&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=1&adks=238922136&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26tkspo%3D3%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_sport%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_business%252Cgs_politics%252Cgv_death_injury%252Cts_bz_ndstry_gnrl%252Cgt_negative%252Cts_pl_nws_lctns_cnd_prvncl%252Cgv_crime%252Cgs_politics_misc%252Cpr_test%252Cgs_home_property%252Cts_ent_evnt_attr_gnrl%252Cts_tmtv_ntrst_n_gnrl%252Cts_sprts_tlvsd_gnrl%252Cts_sprts_tlvsd_smmr_lympcs%252Cts_sprts_ctvty_bsbll%252Cgs_auto_misc%252Cgs_business_misc%252Cgs_sport_icehockey&sc=1&cookie_enabled=1&abxe=1&dt=1676906776578&lmt=1676906776&dlt=1676906772287&idt=987&adxs=1059&adys=1022&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&psz=300x250&msz=300x250&fws=512&ohw=0&ga_vid=874992567.1676906774&ga_sid=1676906777&ga_hid=1521367241&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0749136966e158d6d8b14b16a4306f9332c1c0fb6b29b82fcc1d64988cd2bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 177ms
78ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7f7da186fb725a209cb55c59ef2c4d8794d6d91be302be7738e2b5ee53961c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11201
x-xss-protection: 0

GET
H2 200 container.html Show response
14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 57A3 6 KB
3 KB 214ms
65ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:16 GMT
expires: Tue, 20 Feb 2024 15:26:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 535 B
296 B 453ms
452ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3993792510235041&correlator=1543882015798029&eid=31072029&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fif&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=2&adks=2918219636&sfv=1-0-40&prev_scp=pos%3D2%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26tkspo%3D3%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_sport%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_business%252Cgs_politics%252Cgv_death_injury%252Cts_bz_ndstry_gnrl%252Cgt_negative%252Cts_pl_nws_lctns_cnd_prvncl%252Cgv_crime%252Cgs_politics_misc%252Cpr_test%252Cgs_home_property%252Cts_ent_evnt_attr_gnrl%252Cts_tmtv_ntrst_n_gnrl%252Cts_sprts_tlvsd_gnrl%252Cts_sprts_tlvsd_smmr_lympcs%252Cts_sprts_ctvty_bsbll%252Cgs_auto_misc%252Cgs_business_misc%252Cgs_sport_icehockey&sc=1&cookie_enabled=1&abxe=1&dt=1676906776588&lmt=1676906776&dlt=1676906772287&idt=987&adxs=245&adys=2335&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&psz=300x250&msz=300x250&fws=512&ohw=0&ga_vid=874992567.1676906774&ga_sid=1676906777&ga_hid=1521367241&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf5f1f9e584638f376c69d870e795a2d985fe50a7ed21840031eabb66f83554a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
6 KB 613ms
613ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3993792510235041&correlator=1543882015798029&eid=31072029&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fif&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=1980829437&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26tkspo%3D3%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_sport%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_business%252Cgs_politics%252Cgv_death_injury%252Cts_bz_ndstry_gnrl%252Cgt_negative%252Cts_pl_nws_lctns_cnd_prvncl%252Cgv_crime%252Cgs_politics_misc%252Cpr_test%252Cgs_home_property%252Cts_ent_evnt_attr_gnrl%252Cts_tmtv_ntrst_n_gnrl%252Cts_sprts_tlvsd_gnrl%252Cts_sprts_tlvsd_smmr_lympcs%252Cts_sprts_ctvty_bsbll%252Cgs_auto_misc%252Cgs_business_misc%252Cgs_sport_icehockey&sc=1&cookie_enabled=1&abxe=1&dt=1676906776594&lmt=1676906776&dlt=1676906772287&idt=987&adxs=436&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=874992567.1676906774&ga_sid=1676906777&ga_hid=1521367241&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c275663c0bf2d8e013a6b361147a9d64e66ef58ebe7b7ca4aab58e98bdc3c556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6582
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 531 B
286 B 459ms
459ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3993792510235041&correlator=1543882015798029&eid=31072029&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fif&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=1769926488&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dundefined%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26tkspo%3D3%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_sport%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_business%252Cgs_politics%252Cgv_death_injury%252Cts_bz_ndstry_gnrl%252Cgt_negative%252Cts_pl_nws_lctns_cnd_prvncl%252Cgv_crime%252Cgs_politics_misc%252Cpr_test%252Cgs_home_property%252Cts_ent_evnt_attr_gnrl%252Cts_tmtv_ntrst_n_gnrl%252Cts_sprts_tlvsd_gnrl%252Cts_sprts_tlvsd_smmr_lympcs%252Cts_sprts_ctvty_bsbll%252Cgs_auto_misc%252Cgs_business_misc%252Cgs_sport_icehockey&sc=1&cookie_enabled=1&abxe=1&dt=1676906776597&lmt=1676906776&dlt=1676906772287&idt=987&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&psz=1600x0&msz=1x-1&fws=0&ohw=0&ga_vid=874992567.1676906774&ga_sid=1676906777&ga_hid=1521367241&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b7df0a2e57842100cc1dd132a620299112d458bd6006e7c3489ba767e5ce1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/elements/html/ 8 KB
3 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=130868833232?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 10:57:40 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
0 170ms
69ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstE4NYFM_zNHtaj-sJ3Fu7SyCkT5soQvvr1boYPt4-a157UfnFJpS-WwcgH8ObNtTo1BF83VlLOBVK5b5ZOfHNQrB0IXzt331-MfaGHFafTCUhBJ0Wljt5SDTCO0HeOU8BpavpYTlUkVncK81ZjzT8vsFZ_zFRp4A&sai=AMfl-YRU4mNqW6m3xqaxBdupIAnLOXiWhPzpyOeDAhUr_GzIKTaK7mz92DXudmBFrWIPO-ejeiCOG7cELgdQlW0aSUMMzX42Jz0A6mT-2w&sig=Cg0ArKJSzOvSOpvQFxpmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cisv=r20230215.49746&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=130868833232?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Feb 2023 15:26:16 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 185ms
86ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 15:26:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A61 13 KB
5 KB 33ms
32ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 10:16:26 GMT
expires: Tue, 20 Feb 2024 10:16:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B565 783 B
534 B 58ms
57ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee2646eeee155827873a2d4da07b15125c2a7c229c4ff0bdd41bbf9875a4b8b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BeZRiSpx9Bchh-Kyp0NH-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-BeZRiSpx9Bchh-Kyp0NH-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:16 GMT
expires: Mon, 20 Feb 2023 15:26:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A61 36 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 06:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 06:07:58 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B565 0
0 66ms
66ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021401&jk=3993792510235041&rc=05AJBLKW0FGoCuTNu0EOExkahweyom2nCosv7qbc859ch_E6c2beoqPD4xIzA_scCltfazCqBUK4SWlohIKNvCSgInA6NutDuVtVZwid1s-4-v8v9s00VGzDJsdmn_6KLAipIHUOMAAyHffTXxGqoVZUYTL-rbrifAlMx-ZjfiTpyN4z5SN0eZ7g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5A61 0
10 B 32ms
31ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?87dVzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7AA0 6 KB
3 KB 33ms
32ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:16 GMT
expires: Tue, 20 Feb 2024 15:26:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C2D2 0
16 B 58ms
56ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMClKRCYniwYwsDMyQEwAQ&v=APEucNWqrLZnzXWywvtwDelBkJrRbfdqxF9x_VfDzxGhvCDDcuqmGDcs3EgzbaX5O3jT74xzuPPNi0-z7_7i7Xk08kZX_cpwjA

Requested by

Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7AA0 78 KB
27 KB 121ms
119ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 15:26:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AA0 42 B
63 B 68ms
65ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8eq6nrZXPJtiNSTJ-dY_I2mP7xXGinE_MbxHVwoKMhGMHxWJ1_mYfCdAvEOPkBE1HzXFYD32h3IA0aGtWg1Et7caCzklf9cyOijfuF_nsmRuuBog

Requested by

Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AA0 0
20 B 69ms
66ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13704067301866663599&x=1&ct=76

Requested by

Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 7AA0 3 KB
1 KB 35ms
32ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 10:57:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 7AA0 20 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 10:57:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7AA0 0
0 56ms
54ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYiVaOU4xINwPIrUgkDW0vJQ7uMxlp-by5YfUGhubA-rf9EfVZ_1HhhBC9QnihItBXW4VG
Requested by: Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AA0 156 KB
48 KB 144ms
142ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 15:26:17 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AA0 0
20 B 65ms
65ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1843157887648&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AA0 0
20 B 65ms
65ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1843157887648&version=m202301230201&ct=76&x=1&cor=13704067301866664000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7AA0 69 KB
33 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DyYx1Or83mDP_d6HricWmUa4mgHqUzlVUO3mb3EH0UuGNN0ABi3hnQ_jXUm8cpaAvZHyNi6KAhKvIfqYnp4W9as6OApQ&cry=1&dbm_d=AKAmf-AIjk41vaXGrbh2a8wndl8vulEn3HDpqr6G4QVcdOOVuuLh03cEyuK_e4AtKwGVBWPTaZENs3OKS0QAu3jaZjoHPI0-NAmFvcj_ioUruARLCc08J4pZ6H3oI7dD8Wt2xBZjiCNS7q6U4RVcPudPOqHk5ldhJhWYFqP3sbKiqHeMnLONGPnrc2y8ukMyWQ-yPwz5lb6KOKhBijYgftgMJCnC-kSojphA1-MzkpPCBRsvUmsFovesKr3TLksJ73KWa91PzfFw6qMK9cvLwZEIybGisqtrBX4zXpwWlWdMkZdQZXb5hUT6WJHPLnDRLY62Mm__zo_BQcJwD1PQmOp0t9UW2cBy-TClai45jFzU8k3VuRj4MrMJULOxT6KzBghBnU5GLInQ0ExOiQECxINmVZ8X53jiKxpPN_UWz7cbPhyni6cbT_MhS3eHrONaJFVbjghSEMcadhjbKmH6ZAJ0V6iIJGbJrOMO_I4OT41k0-I_1sANB_n81b7_Daci5btzoB0y2Md0ofVcA7tK4F08nq-knvwj6rmxDYDwsR6xffkZmTggBsAHnPTUY9I8wZRw5KuppOFLeNoD28u2Ra_hiCdzosB-ZHyk5-XfO9g018vAaC-Pp4YdwW9JyvU2_XGiScwBD8Fbbfnm8V-WijrEEDJDt37LzV0hKnmyLy-vYNO9_DAeFO-HS1cBhhsNlFKJ4fEreeqZLLSj3Ui4Cc_vFphxsqgVNo-WlxrxJ5g8CJQvBZNLzEyPf5hAublzs9EE8nECNhsV4zy8h2UdlDRxob7fDeSH8UtZByVT9xPslAgwpXRsm0jppac6iRES7uKfO6WPi3zkaqVXi33h8hdVy04_zsknGIcCKLZ08uqznDsuhYcBqLHu0eFEz0V7Dv3tXooBTl1igCJBasaQncG6KBFxU_ApsROPuYG_CA-DA-7zUwMYssCrmS3xj3ehjaWYcc2V8PZCCW51IFBFD5Yuq7lLn1TL5z13we-D8q4vwaGTDb6ymZN8sZM2IuAH5qKXUe7oZTpoBFBoohS-8aU7RcCmdWGU-I-cETA3Zkk3Xw90PH75cMciayW7MSi1jRnqZPMDPpRuFxNAR9Mcoua0U6F03AuSqwHHJo-6YbtsUO2flJO3SBp1b0Sfj7Cio2v-C1UKOv1a9X9uF8Ldh9tvXxsf46i5B0nLunVRktRHD7dLOv_fkgZ-I79ahnjnzCW-nf672VOeD1SlXiiD2qEqM6Z8Xi0HN073CZt9CUiJWafc_6DiNwqIBfZpBn098ub46kO5lEiTwURcfjRlDTR8GgrSBqJc-PZ8UN3ZcV8w88I3cTNWZL4GpuLSkw_ncejnvDbiyiZXCkIsplu3KpbVJFo841YTjqxuhP4tnrKlpnPJcYd-qV9to8afIQ0G1Zo5mQ7Dn-NEWVI3_5tNd0LY8E1x0ix32ysj3V-0HvDot5h_dFUOEfdoZbMyAG6ljS4MEDcVMQ7EaI9B-TFJ78o9Yoz4BQBE3GefgI_-hcw9zKeuibraNNWdnAIJOKw2qkLlaBTP3T-xMPKgcgYy13_6JYIUTR6cK0SFOjP6SAk_N12Toh67kIw_Z3K6CyIZQz4G0lqmnv6sxMHonHBUvzk8VjlDciuo8_7w145xOIVFLaAkB_qLbcEXyFLQZH8aC64jomyo_gvlVhgSAjF2trvHCsyYSq_oAJnFqc8aQLKUxM7dZtYLKstzYYi7VYz23j7YJoEMWjeMlk9pNP9ZRixelAOQFyiIFc6STlSH5pIL9PVYl28pTaPXTPg5fy5h_93JEL7Ks0GT0X7qd7yBv2gpdL1Ht9-NG8MGjcMPZ--0goZqTDAp0npiCWeZKsd_Y5c4p00CfydFeIN_3UXsmq1_v87AAYHWNbZN5WcbtIzskeBwxrvID1eKNnTfQS00ItsPsvpIiDIgzVPzx9YTKbzaJ3x55vYMFbnr0nMGLHVLQK3nm3j6mORKdHNh63WIROntfK0sBgTZcHwf_1WLZXZT4z_CxsNIKNSAQli5FxPzjx69rHe4-WxGUSnv_sqdAGS1gzGUNeFT3hDI3i9XRIxmdUkhk9shOhWUK1eBwk_au3khdSkcoIt21Au0SRscX17OWBwbOhisFE9DOaOz83mCDwhyZ65t62JGaXIkkMXDMVF7hGli5leN20BqD2_iIG4ot041OTjh1nYxHeSiSYpKsKqLJ7FKjquqAuVeGAJRRnge6DMGIy0CpTzDZ8qla1nnNw0pKKTdRNMb6adWNcjEvxcqC8J6EPVl3IwzrQmf39KzbtGTZV-jXluGRDR5hagGpf8nNlYv_1L0Y9APrVO3gl259uwDWyIBQwajLBhjUJr2dQInAdA_zQ2sc3jZz6BDNQnMrpTwqnj2JXkhkRSNEcy0xF6fs7PgWXeRIFQ7KCV1Bf4hDJbl6-kRNazUSTZowFGt7dXToQELJOlspag7USfAK1KHktG6Arl1yWiCctvHzwT9o7m8pT88PuVB9dSnLW2crtL3TofbsWaXjCVnTQ4FvQcI6sXL_aJ4W79uz4PceflxzwQrA-FlPYqQZ9KUnvaZAe2I9KkEmw0-CRODVNiwzP67F2LDzm4UPQxPCdHKK2eLzMie-0OpIzac4a0VWEHuEcmlgvA_Wef48aZhoYtEL7thjX4x1lqkfvsEJ4nvVvOi3Cny160N02Wos4S5wCRDVpMhCuLtFL9aB1-PW3B7Xl36VM97IpIBY-TFz_Ey8QtUBwbLTYKgARyuFWwRwrCkS0sR5LPFew0IxG9XF-DSDGjMWp8ZZ1Y4mVPP5brJcpCCLaolkK0T-aDUb_vQAJdklCMOPELn-jiXd9Ik6r7VkzoozRHL8CvjlTSfUwjgcH_9xOYoELQzkKL2RVRqSHHfKp9EnMAZE56t5fsrqV4yDT_v-3vKYxbiwQCX02EGIhnX1s-IAErO3No-oCFO7AER-6GRXnY8faVIiGacNIY2vnHZUKDGQV3xqnTOCx1Z_oQjlMsRPTYP77PDRn4BsR_wOtMFnszN3NMnlsgOQw9Gk_Dy9ov2VIiXgWKqmfYBI5yZS_gf3TXQjSeiujs_SUs9VjbscdGYoKN9iZH_D3gGWA_Vobk5LSOrbxpnHuzmeqsuGQRcwxMoqG0uHUs1IVChl3HenT5SrUf6vLw0lbrChWje9Tk8mIhN8vXuMYfiRzvnw4hOIg2eshzcQx3pm8GPH0TA4pw16IsKd8ety_O7C-m6iIOZ6rZKAkefULR2gwGWmmVMmPSIoY-gJ9iw9OyTyqiSdNjnezemgLv208aJZ16iXLO88DdBKGGQ9o_zcxz3I5Y7KyI3k0ZeUcYWoiY1rTxe-Kn3Z9FlQV-1eCcgxJWoDejvNkj6vRyojIlgfPlwhfk&cid=CAQSOwDUE5ymgIpOQps6wXyGA4fLFdc6NSlVbaBip9BAwZpcwqPXj0Lda7CnRD-fMGyCqxTn6YCIEvWRHoy0GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.thestar.com%2F&ds=l&xdt=1&iif=1&cor=13704067301866664000&adk=943508955&idt=134&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf6bab8590bed074b9bb50cafb050482ab3d27310aa1f24e9cfd8084a1a2295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33813
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 7AA0 28 KB
11 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DyYx1Or83mDP_d6HricWmUa4mgHqUzlVUO3mb3EH0UuGNN0ABi3hnQ_jXUm8cpaAvZHyNi6KAhKvIfqYnp4W9as6OApQ&cry=1&dbm_d=AKAmf-AIjk41vaXGrbh2a8wndl8vulEn3HDpqr6G4QVcdOOVuuLh03cEyuK_e4AtKwGVBWPTaZENs3OKS0QAu3jaZjoHPI0-NAmFvcj_ioUruARLCc08J4pZ6H3oI7dD8Wt2xBZjiCNS7q6U4RVcPudPOqHk5ldhJhWYFqP3sbKiqHeMnLONGPnrc2y8ukMyWQ-yPwz5lb6KOKhBijYgftgMJCnC-kSojphA1-MzkpPCBRsvUmsFovesKr3TLksJ73KWa91PzfFw6qMK9cvLwZEIybGisqtrBX4zXpwWlWdMkZdQZXb5hUT6WJHPLnDRLY62Mm__zo_BQcJwD1PQmOp0t9UW2cBy-TClai45jFzU8k3VuRj4MrMJULOxT6KzBghBnU5GLInQ0ExOiQECxINmVZ8X53jiKxpPN_UWz7cbPhyni6cbT_MhS3eHrONaJFVbjghSEMcadhjbKmH6ZAJ0V6iIJGbJrOMO_I4OT41k0-I_1sANB_n81b7_Daci5btzoB0y2Md0ofVcA7tK4F08nq-knvwj6rmxDYDwsR6xffkZmTggBsAHnPTUY9I8wZRw5KuppOFLeNoD28u2Ra_hiCdzosB-ZHyk5-XfO9g018vAaC-Pp4YdwW9JyvU2_XGiScwBD8Fbbfnm8V-WijrEEDJDt37LzV0hKnmyLy-vYNO9_DAeFO-HS1cBhhsNlFKJ4fEreeqZLLSj3Ui4Cc_vFphxsqgVNo-WlxrxJ5g8CJQvBZNLzEyPf5hAublzs9EE8nECNhsV4zy8h2UdlDRxob7fDeSH8UtZByVT9xPslAgwpXRsm0jppac6iRES7uKfO6WPi3zkaqVXi33h8hdVy04_zsknGIcCKLZ08uqznDsuhYcBqLHu0eFEz0V7Dv3tXooBTl1igCJBasaQncG6KBFxU_ApsROPuYG_CA-DA-7zUwMYssCrmS3xj3ehjaWYcc2V8PZCCW51IFBFD5Yuq7lLn1TL5z13we-D8q4vwaGTDb6ymZN8sZM2IuAH5qKXUe7oZTpoBFBoohS-8aU7RcCmdWGU-I-cETA3Zkk3Xw90PH75cMciayW7MSi1jRnqZPMDPpRuFxNAR9Mcoua0U6F03AuSqwHHJo-6YbtsUO2flJO3SBp1b0Sfj7Cio2v-C1UKOv1a9X9uF8Ldh9tvXxsf46i5B0nLunVRktRHD7dLOv_fkgZ-I79ahnjnzCW-nf672VOeD1SlXiiD2qEqM6Z8Xi0HN073CZt9CUiJWafc_6DiNwqIBfZpBn098ub46kO5lEiTwURcfjRlDTR8GgrSBqJc-PZ8UN3ZcV8w88I3cTNWZL4GpuLSkw_ncejnvDbiyiZXCkIsplu3KpbVJFo841YTjqxuhP4tnrKlpnPJcYd-qV9to8afIQ0G1Zo5mQ7Dn-NEWVI3_5tNd0LY8E1x0ix32ysj3V-0HvDot5h_dFUOEfdoZbMyAG6ljS4MEDcVMQ7EaI9B-TFJ78o9Yoz4BQBE3GefgI_-hcw9zKeuibraNNWdnAIJOKw2qkLlaBTP3T-xMPKgcgYy13_6JYIUTR6cK0SFOjP6SAk_N12Toh67kIw_Z3K6CyIZQz4G0lqmnv6sxMHonHBUvzk8VjlDciuo8_7w145xOIVFLaAkB_qLbcEXyFLQZH8aC64jomyo_gvlVhgSAjF2trvHCsyYSq_oAJnFqc8aQLKUxM7dZtYLKstzYYi7VYz23j7YJoEMWjeMlk9pNP9ZRixelAOQFyiIFc6STlSH5pIL9PVYl28pTaPXTPg5fy5h_93JEL7Ks0GT0X7qd7yBv2gpdL1Ht9-NG8MGjcMPZ--0goZqTDAp0npiCWeZKsd_Y5c4p00CfydFeIN_3UXsmq1_v87AAYHWNbZN5WcbtIzskeBwxrvID1eKNnTfQS00ItsPsvpIiDIgzVPzx9YTKbzaJ3x55vYMFbnr0nMGLHVLQK3nm3j6mORKdHNh63WIROntfK0sBgTZcHwf_1WLZXZT4z_CxsNIKNSAQli5FxPzjx69rHe4-WxGUSnv_sqdAGS1gzGUNeFT3hDI3i9XRIxmdUkhk9shOhWUK1eBwk_au3khdSkcoIt21Au0SRscX17OWBwbOhisFE9DOaOz83mCDwhyZ65t62JGaXIkkMXDMVF7hGli5leN20BqD2_iIG4ot041OTjh1nYxHeSiSYpKsKqLJ7FKjquqAuVeGAJRRnge6DMGIy0CpTzDZ8qla1nnNw0pKKTdRNMb6adWNcjEvxcqC8J6EPVl3IwzrQmf39KzbtGTZV-jXluGRDR5hagGpf8nNlYv_1L0Y9APrVO3gl259uwDWyIBQwajLBhjUJr2dQInAdA_zQ2sc3jZz6BDNQnMrpTwqnj2JXkhkRSNEcy0xF6fs7PgWXeRIFQ7KCV1Bf4hDJbl6-kRNazUSTZowFGt7dXToQELJOlspag7USfAK1KHktG6Arl1yWiCctvHzwT9o7m8pT88PuVB9dSnLW2crtL3TofbsWaXjCVnTQ4FvQcI6sXL_aJ4W79uz4PceflxzwQrA-FlPYqQZ9KUnvaZAe2I9KkEmw0-CRODVNiwzP67F2LDzm4UPQxPCdHKK2eLzMie-0OpIzac4a0VWEHuEcmlgvA_Wef48aZhoYtEL7thjX4x1lqkfvsEJ4nvVvOi3Cny160N02Wos4S5wCRDVpMhCuLtFL9aB1-PW3B7Xl36VM97IpIBY-TFz_Ey8QtUBwbLTYKgARyuFWwRwrCkS0sR5LPFew0IxG9XF-DSDGjMWp8ZZ1Y4mVPP5brJcpCCLaolkK0T-aDUb_vQAJdklCMOPELn-jiXd9Ik6r7VkzoozRHL8CvjlTSfUwjgcH_9xOYoELQzkKL2RVRqSHHfKp9EnMAZE56t5fsrqV4yDT_v-3vKYxbiwQCX02EGIhnX1s-IAErO3No-oCFO7AER-6GRXnY8faVIiGacNIY2vnHZUKDGQV3xqnTOCx1Z_oQjlMsRPTYP77PDRn4BsR_wOtMFnszN3NMnlsgOQw9Gk_Dy9ov2VIiXgWKqmfYBI5yZS_gf3TXQjSeiujs_SUs9VjbscdGYoKN9iZH_D3gGWA_Vobk5LSOrbxpnHuzmeqsuGQRcwxMoqG0uHUs1IVChl3HenT5SrUf6vLw0lbrChWje9Tk8mIhN8vXuMYfiRzvnw4hOIg2eshzcQx3pm8GPH0TA4pw16IsKd8ety_O7C-m6iIOZ6rZKAkefULR2gwGWmmVMmPSIoY-gJ9iw9OyTyqiSdNjnezemgLv208aJZ16iXLO88DdBKGGQ9o_zcxz3I5Y7KyI3k0ZeUcYWoiY1rTxe-Kn3Z9FlQV-1eCcgxJWoDejvNkj6vRyojIlgfPlwhfk&cid=CAQSOwDUE5ymgIpOQps6wXyGA4fLFdc6NSlVbaBip9BAwZpcwqPXj0Lda7CnRD-fMGyCqxTn6YCIEvWRHoy0GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.thestar.com%2F&ds=l&xdt=1&iif=1&cor=13704067301866664000&adk=943508955&idt=134&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139c36234c15d74808b6156ef8e3d533a4a2dfd4ea6447428091ad4b6916b8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 08:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10784
x-xss-protection: 0
server: cafe
etag: 15652644324719269315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 08:41:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/elements/html/ Frame 7AA0 8 KB
3 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 10:57:40 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7AA0 0
0 77ms
76ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv16bSZ2OZQ5qnvaU6_ODb9Ebga17oEGIVRMKBTTWVtAkRTFmHYGWVhDPQtC2cp0JDB3OIEfbX38Ay8zE5rwVrinbbtwW2ucZ2Xx6lSadsUcDjPXmb8kD-ThAQkwpRqv3ncUG6P084HnkF8Ta55ezLyjUbvZFAlAByMyAAtLOAKayzBRplKwXgQcApZPtaRzMAEMz_x00ex_1HPlCfZlOYTG98YefXAfQz4TOgJ6wTWXshE03OthvqMmFC0o8Z12HQ3FNXUBajeXjIWp_fxKB8wo2GaRxlYKz4nr7QOnCA2S9QU-qNkKtINd7AiYcOvCrs7rSWPUpZ4oa4Lt-JY4p3xyyDI2pLfA64AmVmG7jyA7_RpnNTZRqK1OcG9TJaj75boFqeA8XuwOvkzYOx95suXZXjEsEc9Fttu6BhJbC8WHBi-Kp7cCXfdv4wmubTdILA59LRhqoipbiNe65ZskPANHpCde2x450aV2vdp6v_sCUq9tms-dAGQEVUBP-aHZ2XjRpe78JTxhLeUZR7UDv3P3N6zT5TUJ9N00Wgo_3HO1XO1OLkaxxMn9LgKaTiPatJNGURumNobcGuE7Hwisf8ttD7QNh6WJ__ZK3AXKJNmSaYc_VWCGvuiTru7CiW-BwG5MuNulcQSJr6DC8gZNhV52wentGpP-tHUUZD9Tf_O984A6BA3w_Pl3pVGjTWLGTcqjs82KckH5qCTz8anYEMc6emwzewvekj_uJKKJdxf8rYj-nyQqVJcvrGPnS_m6XtmyR0jRO4SnfWmVpzVUCJEHKMB_j0sd5dPOLFAkZPOKSOxJkAeLbAp-86WyQxA5gAa-RGEQUMTFdR-qt_0LdnaxenEAV8LrJ11iDWbqZwdaMukeGGZWXaxWVvXeWtLWIhIoGqOFHQnUNKw7z73WcLsf6sK9xdGqCTJS9KrYUfgZR5ETX8GGRnKS0aMiwmOjzt1PR7LFkUKIPduKoYFlzyzHoCnfMJ2XOUTKuZ-PfWfkVZhNmNuTFkXBESKJmLS5oWjD_BkzpU3pUKLJp_-MBUSLRpnJFwpHc5khlKH9hKS9xUlDJjBo7liRTz3d6B86SrRtF8cRlzLnYzvz6un_k6ne8O1PZylwpS95xYzcnyxjTgObEjr6OQsSI0JIB2m5_TGWpiNDhPBbCYFlP9EUnPYChLB-ohmWo613X4PGGP6aUMhXDQ75T_1IV6RftL2GpVkdPsCiV5x3CfJ3s54tBGTH1KuvD0zHpFHPDVD-clIbgaLulyVnNou5IYxYhVRuUzxVEOW0McvR8CvcOjNAsizTccFrczgVSqH69MeAtPFscquTA&sai=AMfl-YTtaVVqAOmCHRWGK5FSW3Sfgi88Xb6__pb_aiSMO9Uh-uesRB_lrTT9xIGP2Oh2ioOrAhEByfSEjQ6is2RTHJBDRCBhDJPx34OpccSOw2J2kFzkhuf3tpab0qxigTMhfnSkDE-J4eIeP9aLzb8thukO_lfeFYig5VuBjODsGGj1ITLo5asv1lXXs8w9pQ1Nhol4iIfAZiVm2SYTQM-gFJXAoA69F5L7dGQcmROoHwzz3lV40vf9d2diUZVG3Gau0fuv8AtNAPuMmo8l0uOyqRZ73JQZ&sig=Cg0ArKJSzMD5lUyXa486EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230215.18425&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 15:26:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Feb 2023 15:26:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7AA0 41 KB
15 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 18:06:14 GMT

GET
H2 200 2840261369491807399
s0.2mdn.net/simgad/ Frame 7AA0 30 KB
30 KB 131ms
32ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2840261369491807399

Requested by

Host: 14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
URL: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5658502595fb6f189e595ebed6c12baadc5aa900b6c2bcce7bbf634ec8679c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 07:03:48 GMT
x-content-type-options: nosniff
age: 462149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30699
x-xss-protection: 0
last-modified: Wed, 04 May 2022 11:35:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 07:03:48 GMT

GET
DATA 200
OK truncated
/ Frame 7AA0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f942830d6d2445ec31f89bf658fba50d2e909c5b6e7a3d0a5ac61d785c70c85f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E7D 22 KB
8 KB 32ms
32ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 336002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:06:15 GMT
expires: Fri, 16 Feb 2024 18:06:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame 740C 12 KB
4 KB 85ms
83ms Document
text/html 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22d0b91ec68072cae9a346e0d19f85f9a52bada9995b36a0955cec7cb0cb1cad

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79c8427fdada3a67-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Feb 2023 15:26:17 GMT
expires: 0
last-modified: Wed, 15 Feb 2023 10:44:37 GMT
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E7D 36 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 06:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 06:07:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
68ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021401&jk=3993792510235041&bg=!dHeldyPNAAZYlHKzeJQ7ADkAdvg8Wo1fLf8WGIqvgkRukFBCFfhilA4WyMA2Lmxm4unREIJfJQbS3xlTFGnvtQUZqoZ61KhRYcACAAAAR1IAAAACaAEHmQKlaQa73lMxm3Tj3DZfwcKCTt7GNx4KEHF2F8yTHcvaw0txFXt_238lDbT2VK_KwN0ZOOECyR_K_x7E27SA-8bkXCx-ZwKv6flxFdfQt-ZbEV5Rq6eIiFo7j6gThglkvmZm9qoHhkp8NYug3EGh02klePqFrREpUckKozyTc2a_BMA3isBPpgKvv3OxdbTegrlj4w5OBhMKH3ZOD2EJhvfF9TFxBMaDnYO4X2zxhWeuN9zYZxHdExALSJARICSMHbXkaDWt5XvbUyhN-FK2Cj-r0E-2uLsDElTbvuV8NTuoVTj_1PYVy7vzeCr7Psky-QW06ZgdnSIedamu7WFYMwGjR7zIz2rcIPDpHOsYLkYP9L9zFi8wGodI_LpSrj3wvCqKBcA_VlmMJctMLnwwcycM6gKj0hMsHU3645O9LvF8vUbq98nF-KvR5RROEhGiYgcusC7GbZkFiERTqVSE1R5GEIrCFqLTplw55HnT2i6z-XlspV5V5QD7aHqXqTXQmy898Hln_Ib6KCPWdYXrXZBLturS84BSkXAagnvlEWAHJOCVOBJsTxs4qgq4iMU4itO0ByQu8ntp4t9aQdec_s0PLsFeSAceTOX2H4RknebOm61BKVdh6egmlFteb27bYXRHyehCsmjOtV205nlF03wjskThKw3zamfh-oXEA37MFaUSahDB64KCApFThyHPRjVjqvzwCbE1tGXSyqBq_RGRjxFYxiDiOMQBuKxxvfRP48lrBCXLP4gV63JiorQ_uH-mj8CY48-hanOQhjwRtXhwciHLrKQ0NGiLnYSR44d5EXQpD3JAai4vvOQ8rDydqkrRdKTDhqlwlWK5BxyuoGkdW8dbjRPXUQw2CgdQ4LvBxhhWuMXscsBgOCYR2cNaMenlv_LkAis
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 740C 17 KB
6 KB 124ms
71ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://elb.the-ozone-project.com/
Origin: https://elb.the-ozone-project.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:17 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 79c84280d9b83aa4-FRA

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame 740C 5 KB
1 KB 65ms
65ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b451c034acb28aa918cfe37af2fba1f5ace232675e60698b4624503da2df47

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 79c842808c023a67-FRA
expires: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7AA0 0
0 68ms
67ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv16bSZ2OZQ5qnvaU6_ODb9Ebga17oEGIVRMKBTTWVtAkRTFmHYGWVhDPQtC2cp0JDB3OIEfbX38Ay8zE5rwVrinbbtwW2ucZ2Xx6lSadsUcDjPXmb8kD-ThAQkwpRqv3ncUG6P084HnkF8Ta55ezLyjUbvZFAlAByMyAAtLOAKayzBRplKwXgQcApZPtaRzMAEMz_x00ex_1HPlCfZlOYTG98YefXAfQz4TOgJ6wTWXshE03OthvqMmFC0o8Z12HQ3FNXUBajeXjIWp_fxKB8wo2GaRxlYKz4nr7QOnCA2S9QU-qNkKtINd7AiYcOvCrs7rSWPUpZ4oa4Lt-JY4p3xyyDI2pLfA64AmVmG7jyA7_RpnNTZRqK1OcG9TJaj75boFqeA8XuwOvkzYOx95suXZXjEsEc9Fttu6BhJbC8WHBi-Kp7cCXfdv4wmubTdILA59LRhqoipbiNe65ZskPANHpCde2x450aV2vdp6v_sCUq9tms-dAGQEVUBP-aHZ2XjRpe78JTxhLeUZR7UDv3P3N6zT5TUJ9N00Wgo_3HO1XO1OLkaxxMn9LgKaTiPatJNGURumNobcGuE7Hwisf8ttD7QNh6WJ__ZK3AXKJNmSaYc_VWCGvuiTru7CiW-BwG5MuNulcQSJr6DC8gZNhV52wentGpP-tHUUZD9Tf_O984A6BA3w_Pl3pVGjTWLGTcqjs82KckH5qCTz8anYEMc6emwzewvekj_uJKKJdxf8rYj-nyQqVJcvrGPnS_m6XtmyR0jRO4SnfWmVpzVUCJEHKMB_j0sd5dPOLFAkZPOKSOxJkAeLbAp-86WyQxA5gAa-RGEQUMTFdR-qt_0LdnaxenEAV8LrJ11iDWbqZwdaMukeGGZWXaxWVvXeWtLWIhIoGqOFHQnUNKw7z73WcLsf6sK9xdGqCTJS9KrYUfgZR5ETX8GGRnKS0aMiwmOjzt1PR7LFkUKIPduKoYFlzyzHoCnfMJ2XOUTKuZ-PfWfkVZhNmNuTFkXBESKJmLS5oWjD_BkzpU3pUKLJp_-MBUSLRpnJFwpHc5khlKH9hKS9xUlDJjBo7liRTz3d6B86SrRtF8cRlzLnYzvz6un_k6ne8O1PZylwpS95xYzcnyxjTgObEjr6OQsSI0JIB2m5_TGWpiNDhPBbCYFlP9EUnPYChLB-ohmWo613X4PGGP6aUMhXDQ75T_1IV6RftL2GpVkdPsCiV5x3CfJ3s54tBGTH1KuvD0zHpFHPDVD-clIbgaLulyVnNou5IYxYhVRuUzxVEOW0McvR8CvcOjNAsizTccFrczgVSqH69MeAtPFscquTA&sai=AMfl-YTtaVVqAOmCHRWGK5FSW3Sfgi88Xb6__pb_aiSMO9Uh-uesRB_lrTT9xIGP2Oh2ioOrAhEByfSEjQ6is2RTHJBDRCBhDJPx34OpccSOw2J2kFzkhuf3tpab0qxigTMhfnSkDE-J4eIeP9aLzb8thukO_lfeFYig5VuBjODsGGj1ITLo5asv1lXXs8w9pQ1Nhol4iIfAZiVm2SYTQM-gFJXAoA69F5L7dGQcmROoHwzz3lV40vf9d2diUZVG3Gau0fuv8AtNAPuMmo8l0uOyqRZ73JQZ&sig=Cg0ArKJSzMD5lUyXa486EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&vt=11&dtpt=196&dett=2&cstd=0&cisv=r20230215.18425&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Feb 2023 15:26:17 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 740C 0
277 B 98ms
28ms Image
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 20 Feb 2023 15:26:17 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E7D 0
20 B 68ms
68ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQGVcGZHzY_P6GoWH9u8Pu_iwuAYAAAAAOAHgBAI&bg=!w8ClwJTNAAZYlHKzeJQ7ADkAdvg8WsMam4Eu9MQi0rGVUZVz4y44ku8H9z4LNCFj7nVgOkiSbZ5jGQi-5X-y57fze4jiLLebT6wCAAAAYVIAAAACaAEHCgAFmnsjQQyZAv_9Gjel58bfjuuGFpaOjYFZdP2L1gCh2qohyaktVHWoZ5-lkM_CqHxAH8T4iwXy2sZ8Kn4Ql35j7EXkrnUFeXZO75izNttBmb9JXmNP4DgWfzZJ3YYYF7PrcidPEX0kWzo-OujOlRczABZ6nsa8A0t7oqtI64sAJ3zvDdNKjqD8uebjeikqeirsBhTR7oyQzuTLublQSTfQXxh8S-d2CwVvweZm73DtIi4kgnTKSdXNIJ7SDfvVZNzUaDLoL_ZByELe0GuxHprtaBj0qNHx9wq09dhsEFmR2QY5985M3ijFUvXzRIlaOA5PhICfZrjaSDOJziBMTnRBmhwHuOgI1VNNbjPGTWLfT9dM6l7iOu5lz0VXDy9n6SZACPPl3wg9OPHniWxgRQcS9JB4OzmP-5yh8525fRAhDVmitsaV0-_8Npm3Dxh144Of0IkIkXhiOvJgk4YbQYAIDy6udRSG9XMq4Vg-Hod8iOUvbjhe5M9_naVqa-rQtdpyMeV6uNFNLWPWnsyx-qwwTTf7DDz7w1rGane2CrSVvq4OVw4_gWicJlBN9-ryg56N9Qkc_FuocbEYrZI04gLH_UQXW84rBlLje-FyR6ENe6o6GLXseBrufcF4SsfS8QIakdv7C_0TKIF-i-0yuewTHBf5V5x_01c6ItrirXFkG895x5TODvBtXTMaja1XDby4G68nDvcWusagZ6PdgWg4FjJN1vSqJuXCWmRhMk0jcTQ-SnRHkrPUbuMXCrDd5EZ4igEFCFGajyPJbIAkMmU0k2tA_OmOFCZWGQZ_IUjIRQxL2PhuwcnJVedd8o4wG0OcteHMDlDG_35W9ldz86naRP6irtOz2RNU2MyVOQOmJStgrCS_fW57JabQJfybsBxOpP6hN344wBuWgiyJRVHcN8WLVv-PAGbu3I_ypxZVrvlAbdqFhsef8jHvKzcnpyhHhfXGNAZqMfP_3qhl507J6fo3O-HvVa_t8293cfKKnm0qT6rDAtJezFGr6w5hGAGV4w-x5HUfsg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=1...
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y-ORGUw74oFXcWM-xQ7DSgAA%261111

0
316 B

65ms
65ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y-ORGUw74oFXcWM-xQ7DSgAA%261111
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c842828fb93a67-FRA
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJZP%2FcATbb10kFQFHNchYb1VzymU6C%2BlZlGGY4ysH4JRphoGJDrg4K4tlkpaNcKpCISmX2BFysJhY0CTR16pfQU6sImc9Zw%2BvK%2FXzXpC9NpwIFPwQ7QX362Hgv29EBqX4LTwEqkL"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y-ORGUw74oFXcWM-xQ7DSgAA%261111
cache-control: no-cache
cf-ray: 79c842824db9381c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=51117e19-2a2d-4df3-ad57-13bffc337c0e

0
423 B

66ms
66ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=51117e19-2a2d-4df3-ad57-13bffc337c0e
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c842847b5a3a67-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=51117e19-2a2d-4df3-ad57-13bffc337c0e
access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:18 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=a3c28f38-4a03-46aa-b9e0-fdbb6b3e9bcf

0
555 B

87ms
86ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=a3c28f38-4a03-46aa-b9e0-fdbb6b3e9bcf
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c84285fe1b3a67-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=a3c28f38-4a03-46aa-b9e0-fdbb6b3e9bcf
date: Mon, 20 Feb 2023 15:26:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 740C 0
35 B 147ms
21ms Image
text/plain 3.124.74.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.74.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-74-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:18 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AA0 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1843157887648&version=m202301230201&ct=76&x=1&cor=13704067301866664000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7AA0 42 B
174 B 68ms
67ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5TEMj2FdochbM8Cx1swbd-jnEqIEUmoNZs0JwRyeYRktZXILCn2xJp8r6bhVSxyvsZXfJFa_H5TLF5JDkJmmeMNSDwljgsxeD_uDO2zl1esQpY3rmIDigidOCA67Bqdqs0S5geA&sai=AMfl-YQdNGRDb5zmrjA7OlKzLFpr5IPy9EVr3IQdUf74GM_8nQKV208ArUKQPmNG_PF36wWErFFsGvB4DDvplIcoiDhbTlAW4QJj6p85Uy-U0gzhE93pPtYuHX3oQe0&sig=Cg0ArKJSzOF2Em2fxZ9IEAE&cid=CAQSOwDUE5ymgIpOQps6wXyGA4fLFdc6NSlVbaBip9BAwZpcwqPXj0Lda7CnRD-fMGyCqxTn6YCIEvWRHoy0GAE&id=lidar2&mcvt=1015&p=10,436,100,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1980829437&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676906777225&rpt=460&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9D77 16 KB
6 KB 155ms
39ms Document
text/html 23.203.124.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=42735
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 20 Feb 2023 15:26:18 GMT
expires: Tue, 21 Feb 2023 03:18:33 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9D77 2 KB
3 KB 212ms
30ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92718034&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e2464edc3b0a438d1d2f48d6f6c384e692c04eae5192e283f2aa620310ad01aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 15:26:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 38ms
38ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=TORONTOSTARCONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!x%5ETm_h6lf%3C8%2Bge6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx7jmP%3DKs)%5DY%23V20%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=3&vc=2&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=12&mc=12&lb=10714&la=1200&ld=1200&lc=1200&cw=1600&cx=1200&sh=10017&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&cm=6&f=0&j=&o=3&t=1676906773132&de=444362427768&cu=1676906773798&m=5871&ar=5072747-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=5111&cd=1401&ah=5111&am=1401&re=0&wb=1&ai=530&cl=0&at=0&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&gw=torontocontentstarcontent37863992&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98876&na=433753478&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:19 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 35ms
35ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:19 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 36ms
35ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Feb 2023 15:26:19 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame D9D2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent=

35 B
477 B

31ms
30ms

Document
image/gif

37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 20 Feb 2023 15:26:19 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 20 Feb 2023 15:26:19 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 88E8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ca5c63f3-911c-4300-ba73-952057127f2e&gdpr=0&gdpr_consent=

42 B
324 B

28ms
28ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ca5c63f3-911c-4300-ba73-952057127f2e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 20 Feb 2023 15:26:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 20 Feb 2023 15:26:19 GMT
Expires: Mon, 20 Feb 2023 15:26:18 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 475 4bd2ccd master zrh-pixel-x26 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ca5c63f3-911c-4300-ba73-952057127f2e&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FD0B
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3197821246071138637

42 B
274 B

33ms
27ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3197821246071138637
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 20 Feb 2023 15:26:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3197821246071138637
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame BA1F 43 B
363 B 164ms
26ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 15:26:19 GMT
expires: Mon, 20 Feb 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 220954
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B80F
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j

42 B
570 B

127ms
25ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 20 Feb 2023 15:26:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Mon, 20 Feb 2023 15:26:19 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 1DB8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

202ms
202ms

Document
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 20 Feb 2023 15:26:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: AB1KCD33Q7Q0MVMFRPJ2

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 20 Feb 2023 15:26:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: VWYYXBH9VT0QSBWAGV6A

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9D77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z1__UAIJTiOQbG-7IaXFrg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

38ms
38ms

Image
text/html

23.203.124.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:19 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=42734
accept-ranges: bytes
content-length: 5554
expires: Tue, 21 Feb 2023 03:18:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9D77
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=50996431e2ccfb0c2d05aad2df8b7ead&gdpr=0
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4113222612538765400&gdpr=0
https://spl.zeotap.com/?zdid=1332&zcluid=a3e759d2ae5a1dde
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a61ac48-bc6c-4f08-5ab8-c0c10a2014fa&reqId=3761490d-2ab5-4c16-550d-925043b5163d&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESENo6bhSlrrF3o6jlIb-fusk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a61ac48-bc6c-4f08-5ab8-c0c10a2014fa&reqId=3761490d-2ab5-4c16-550d-925...

95 B
163 B

57ms
42ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESENo6bhSlrrF3o6jlIb-fusk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a61ac48-bc6c-4f08-5ab8-c0c10a2014fa&reqId=3761490d-2ab5-4c16-550d-925043b5163d&zcluid=a3e759d2ae5a1dde&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 79c8428e793539e5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESENo6bhSlrrF3o6jlIb-fusk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a61ac48-bc6c-4f08-5ab8-c0c10a2014fa&reqId=3761490d-2ab5-4c16-550d-925043b5163d&zcluid=a3e759d2ae5a1dde&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 9D77
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&addseg=19,36,42

0
0

202ms
30ms

Image
application/json

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Mon, 20 Feb 2023 15:26:19 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CF5FFF50-0209-4E23-906C-6FBB21A5C5AE&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9D77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0Y1RkZGNTAtMDIwOS00RTIzLTkwNkMtNkZCQjIxQTVDNUFF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

28ms
26ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 20 Feb 2023 15:26:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9D77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKSQMhbLNEyEtr0-ca_gIg4&google_cver=1

42 B
297 B

30ms
27ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKSQMhbLNEyEtr0-ca_gIg4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 20 Feb 2023 15:26:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKSQMhbLNEyEtr0-ca_gIg4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9D77 43 B
611 B 101ms
29ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 19 Feb 2023 15:26:19 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9D77
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4113222612538765400

42 B
218 B

78ms
25ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4113222612538765400
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 20 Feb 2023 15:26:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4113222612538765400
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9D77 70 B
265 B 160ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 31ms
31ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 22370b96ce6e69821dcbd28ed85b5ff719536b130d62cbe33002e91561393fec

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 20 Feb 2023 15:26:19 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112

GET
H/1.1 200
OK PrebidServer
crb.kargo.com/api/v1/dsync/ Frame 740C 43 B
360 B 120ms
21ms Image
image/gif 18.197.178.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.178.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-178-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:20 GMT
X-Accel-Expires: 0
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2429126952906232347629

0
728 B

81ms
81ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2429126952906232347629
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c8429039433a67-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2429126952906232347629
date: Mon, 20 Feb 2023 15:26:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AANrHk7H5yIAAB_KelGEnQ

0
827 B

73ms
73ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AANrHk7H5yIAAB_KelGEnQ
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c842923cd63a67-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AANrHk7H5yIAAB_KelGEnQ
Date: Mon, 20 Feb 2023 15:26:20 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6974417782864804037

0
886 B

78ms
78ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6974417782864804037
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c84292ee273a67-FRA
content-length: 0
expires: 0

Redirect headers

Date: Mon, 20 Feb 2023 15:26:20 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1bec702d-c154-44c8-9f89-d594af8d8f89
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6974417782864804037
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 400 %7B%7Bpub_zone_id%7D%7D
rtb.gumgum.com/usync/ Frame 740C 162 B
162 B 169ms
45ms Image
text/plain 54.75.223.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usync/%7B%7Bpub_zone_id%7D%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r={{redirect_url}}https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.223.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-223-203.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3c74637b272b33ef13a311619784f25883dd87255db98acb7673be98ae6737c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:20 GMT
content-length: 162
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 740C 70 B
264 B 44ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Feb 2023 15:26:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=4113222612538765400

0
1023 B

69ms
69ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=4113222612538765400
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c842969d253a67-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=4113222612538765400
date: Mon, 20 Feb 2023 15:26:21 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 9D77 0
260 B 154ms
25ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:26:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=4f57c715-d486-443e-aa34-b35cc3bfc599

0
1 KB

83ms
82ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=4f57c715-d486-443e-aa34-b35cc3bfc599
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c8429849063a67-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=4f57c715-d486-443e-aa34-b35cc3bfc599
date: Mon, 20 Feb 2023 15:26:21 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 151
content-type: text/html; charset=utf-8

GET 101995
dmx.districtm.io/s/v1/img/s/ Frame 740C 0
0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 740C 0
239 B 92ms
19ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=49730007-eca2-4c3e-a5c1-9015e3b99b75

0
1 KB

65ms
64ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=49730007-eca2-4c3e-a5c1-9015e3b99b75
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c8429a6d3c3a67-FRA
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=49730007-eca2-4c3e-a5c1-9015e3b99b75
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: rhi6l540o09gtgo1phq6s1b1o4qgju1p

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-pTKdIElE2uEjD8xjGMYllq6Qyr5b9mUbtTP1i_c-~A&gdpr=0

0
1 KB

84ms
84ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-pTKdIElE2uEjD8xjGMYllq6Qyr5b9mUbtTP1i_c-~A&gdpr=0
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c8429baf9f3a67-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-pTKdIElE2uEjD8xjGMYllq6Qyr5b9mUbtTP1i_c-~A&gdpr=0
date: Mon, 20 Feb 2023 15:26:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 740C
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8806904490401849057

0
2 KB

66ms
65ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8806904490401849057
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79c8429dabf23a67-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8806904490401849057
date: Mon, 20 Feb 2023 15:26:21 GMT
content-length: 0

POST
H2 204 rum Show response
elb.the-ozone-project.com/cdn-cgi/ Frame 740C 0
189 B 22ms
22ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elb.the-ozone-project.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=15b0b573-ea89-402d-bd21-41d6c1062f4f&publisherId=TKN100000001&siteId=4204204311&cb=1676906774548&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: application/json

Response headers

date: Mon, 20 Feb 2023 15:26:22 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://elb.the-ozone-project.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 79c8429e1cd13a67-FRA

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 137ms
46ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1676906783220&plid=40392811&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%22%22%2C%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10714%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1676906773941&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Mon+Feb+20+2023+15%3A26%3A23+GMT%2B0000+(GMT)&action=_scroll&pvid=47146756&u=pid%3D6d9e6f07f847353169dff5d7eed9e8f2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 15:26:23 GMT
Cache-Control: no-cache
Last-Modified: Monday, 20-Feb-2023 15:26:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 38ms
38ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=31&q=1&hp=1&kq=1&lo=0&qs=1&ak=-&i=TORONTOSTARCONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!x%5ETm_h6lf%3C8%2Bge6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx7jmP%3DKs)%5DY%23V20%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=4&vc=2&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=12&mc=12&lb=10714&la=1200&ld=1200&lc=1200&cw=1600&cx=1200&sh=10714&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&cm=6&f=0&j=&o=3&t=1676906773132&de=444362427768&cu=1676906773798&m=10204&ar=5072747-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=9311&cd=5111&ah=9311&am=5111&re=0&wb=1&ai=530&cl=0&at=0&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&gw=torontocontentstarcontent37863992&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98876&na=2023140457&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:23 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/ 35 B
49 B 123ms
123ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/1406ec99-de6c-4b3e-eee4-2235b88926b2/__activity.gif?e=stuck_10s&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=12145&blst=1524&ist=2142&iet=2144&bdst=1524&bdet=1826&bcttt=67&jsfv=nbc&ts=1676906783839&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=1406ec99-de6c-4b3e-eee4-2235b88926b2&sid=16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5&pvid=126b48fb-8789-46ca-e8fd-01f90a8a5fd9&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F110.0.5481.100+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=null&source=null&sdk=bc-pixel
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Feb 2023 15:26:23 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 37ms
36ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:24 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 36ms
35ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Feb 2023 15:26:24 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 38ms
38ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&qs=1&ak=-&i=TORONTOSTARCONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!x%5ETm_h6lf%3C8%2Bge6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx7jmP%3DKs)%5DY%23V20%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=5&vc=2&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=12&mc=12&lb=10714&la=1200&ld=1200&lc=1200&cw=1600&cx=1200&sh=10714&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&cm=6&f=0&j=&o=3&t=1676906773132&de=444362427768&cu=1676906773798&m=15871&ar=5072747-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=15111&cd=9311&ah=15111&am=9311&re=0&wb=1&ai=530&cl=0&at=0&d=thestar.com%3AThe%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News%3A__page__%3A-&gw=torontocontentstarcontent37863992&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98876&na=1961071446&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 15:26:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Feb 2023 15:26:29 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 35ms
35ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 20 Feb 2023 15:26:29 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 36ms
36ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Feb 2023 15:26:29 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

310 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

115 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
z737.thestar.com/DG/DEFAULT	1970-01-20 19:24:26	Name: BCSessionID Value: 5b2b6488-6d79-4ff0-a339-a6093360cdfe
torstar.blueconic.net/DG/DEFAULT	1970-01-20 18:34:02	Name: BCSessionID Value: 5b2b6488-6d79-4ff0-a339-a6093360cdfe
www.google.com/recaptcha	1970-01-20 14:07:38	Name: _GRECAPTCHA Value: 09AJBLKW3Rid9pmfRwjEGZMgIZ7J59SBLm_8ysvZ8WR9c5cHyFj9FRFpCiF0Zx2GJ_8I8Dqkm_hGuGSdCNVliPuPw
www.thestar.com/	1970-01-20 18:34:02	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 18:34:02	Name: last_visit_bc Value: 1676906772718
.thestar.com/	1970-01-20 18:34:02	Name: bc_tstgrp Value: 9
.thestar.com/	1970-01-20 18:35:29	Name: _vwo_uuid_v2 Value: D1FB4893FCD87C54AF750944B45AD0B10\|564a38e7c33916ca9724f10f1694dba7
.thestar.com/	1970-01-20 14:09:05	Name: permutive-id Value: 9a1c0489-94a6-446d-bcf4-a2b80dfd9f0a
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 11:56:36	Name: pxid Value: b4e71937-b099-4130-b75e-e85600303f1b
.thestar.com/	1970-01-20 12:12:26	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-20 19:24:26	Name: _vwo_uuid Value: D1FB4893FCD87C54AF750944B45AD0B10
.thestar.com/	1970-01-20 09:48:28	Name: _vwo_sn Value: 0%3A1
.thestar.com/	1970-01-20 11:58:02	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241676906772%3A85.6442939%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
www.thestar.com/	1970-01-20 10:31:38	Name: AccessToken Value: idv2lecyzvdh8xtjao1u11sykby0r81r3j
www.thestar.com/	1970-01-20 10:31:38	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 16bd9f70-7e4a-4f81-c632-3d4ccdb64bb5
.thestar.com/	1970-01-20 18:34:02	Name: _ig Value: 1406ec99-de6c-4b3e-eee4-2235b88926b2
.thestar.com/	1970-01-20 09:48:28	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1676906773941%2C%22slts%22:0}
.thestar.com/	1970-01-20 09:49:53	Name: _gid Value: GA1.2.175604172.1676906774
.thestar.com/	1970-01-20 09:48:26	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 09:48:26	Name: _gat_UA-73335503-3 Value: 1
.demdex.net/	1970-01-20 14:07:38	Name: demdex Value: 85162769379038516740642783550609639822
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1970-01-20 19:24:26	Name: local_ga_B4CQN4KW3R Value: GS1.1.1676906774.1.0.1676906774.60.0.0
.thestar.com/	1970-01-20 19:24:26	Name: local_ga Value: GA1.1.874992567.1676906774
.thestar.com/	1970-01-20 19:24:26	Name: _ga_6FZFMVVWVN Value: GS1.1.1676906774.1.0.1676906774.60.0.0
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1676906774166
www.thestar.com/	1970-01-20 18:34:02	Name: selectedPersonalizedCategories Value: []
www.thestar.com/	1970-01-20 18:34:02	Name: personalizedListModeEnabled Value: true
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 19:24:26	Name: s_ecid Value: MCMID%7C85126143609760037280641381777055421316
.thestar.com/	1970-01-20 19:17:50	Name: _parsely_visitor Value: {%22id%22:%22pid=6d9e6f07f847353169dff5d7eed9e8f2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1676906773941}
www.thestar.com/	1970-01-20 18:34:02	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
.everesttech.net/	1970-01-20 18:34:02	Name: everest_g_v2 Value: g_surferid~Y-ORFgAAAGFpMwMx
.dpm.demdex.net/	1970-01-20 14:07:38	Name: dpm Value: 85162769379038516740642783550609639822
.thestar.com/	1970-01-20 19:24:26	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19409%7CMCMID%7C85126143609760037280641381777055421316%7CMCAAMLH-1677511574%7C6%7CMCAAMB-1677511574%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1676913974s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19416%7CvVersion%7C5.5.0
.www.thestar.com/	1970-01-20 19:24:26	Name: ts_s_ecid Value: MCMID%7C85126143609760037280641381777055421316
.the-ozone-project.com/	1970-01-20 09:48:28	Name: __cf_bm Value: 7BPIrcLl_KtJMdFtnKQRtukV2PHtGlNFHlHCGNJ4WWo-1676906774-0-AW+A3uMXCr5txY7tnpHArILJYTTo6xIYUMO130jLYCfcnTK6iaKxtpQ6rdzikzPyqE0+FhUZto4off4DuEgGdsI=
.thestar.com/	1970-01-20 19:24:26	Name: _ga Value: GA1.2.874992567.1676906774
.thestar.com/	1970-01-20 09:48:26	Name: _gat_sirwidgets_0 Value: 1
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 5b2b6488-6d79-4ff0-a339-a6093360cdfe
torstar.blueconic.net/	1970-01-20 09:58:31	Name: AWSALBCORS Value: SBBBfXPB00pnSepHwXULmnQ+B6myIQJBxdDojIlOuoAqlIdksm9s5kfvFy8LqWc8AeiI51rcuj4fmgDXl5ZK198MGCo1SNX3j8uz5h/UEE0gYUeGNN7DVa7ZiAR9
.thestar.com/	1970-01-20 11:58:02	Name: _fbp Value: fb.1.1676906775386.452682483
.thestar.com/	1970-01-20 11:58:02	Name: _gcl_au Value: 1.1.120845252.1676906776
.thestar.com/	1970-01-20 09:49:53	Name: _uetsid Value: ea5a6050b13211ed976f4f5ac0d9a4ff
.thestar.com/	1970-01-20 19:10:02	Name: _uetvid Value: ea5a6340b13211ed865ef3d43781de38
.bing.com/	1970-01-20 19:10:02	Name: MUID Value: 11239CAB22206D8626798E1523F26C63
.thestar.com/	1970-01-20 11:58:02	Name: _rdt_uuid Value: 1676906775779.c8a9c2cb-dfd6-4912-a2ea-edad293693fb
www.thestar.com/	1970-01-20 09:49:53	Name: ln_or Value: eyIzMTE2ODY4IjoiZCJ9
.linkedin.com/	1970-01-20 10:31:38	Name: UserMatchHistory Value: AQIRkgBdJoRo1QAAAYZvbsT-FdyP0Wz0ot-q8UNZ5i8lrJCb29SDnEpRuW2jwGAmxVgUNty-QkjciA
.linkedin.com/	1970-01-20 10:31:38	Name: AnalyticsSyncHistory Value: AQIA-XGU_HBVZwAAAYZvbsT-XzccISAqHnPmoZfGm6madSLeud0C10Y3VMdnTR4GfhL-DLyfQrvi8CcH8BIXdg
.linkedin.com/	1970-01-20 18:34:02	Name: bcookie Value: "v=2&a2b4cae4-215d-484c-8d84-18986a17af5f"
.linkedin.com/	1970-01-20 09:49:53	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2843:u=1:x=1:i=1676906775:t=1676993175:v=2:sig=AQE-F9uwdnhNkIYgF01ddn92LFAwThpI"
.www.linkedin.com/	1970-01-20 18:34:02	Name: bscookie Value: "v=1&20230220152615b31a985c-5a83-407a-82d6-89bf6592c01cAQGTZ8Vby32ZmibKHBRffh4zd5IXz35L"
.linkedin.com/	1970-01-20 14:07:38	Name: li_gc Value: MTswOzE2NzY5MDY3NzU7MjswMjHcjNX/lwH69lFfjLp9tYi+9Deu8KGl8HW3Cno3djvBkA==
.doubleclick.net/	1970-01-20 19:10:02	Name: IDE Value: AHWqTUkxcxC0Xv48GMUGV4cQs8wf0wsmIhXISg3vD7jEbF9D7c0BLKL_QFLRs33E
.t.co/	1970-01-20 19:24:26	Name: muc_ads Value: d19009c1-b42d-4b6b-a0a9-fae67b10c1c6
.twitter.com/	1970-01-20 19:24:26	Name: guest_id_marketing Value: v1%3A167690677591832825
.twitter.com/	1970-01-20 19:24:26	Name: guest_id_ads Value: v1%3A167690677591832825
.twitter.com/	1970-01-20 19:24:26	Name: personalization_id Value: "v1_m6SyVw2pn/Q2X1MeryREBQ=="
.twitter.com/	1970-01-20 19:24:26	Name: guest_id Value: v1%3A167690677591832825
z737.thestar.com/	1970-01-20 09:58:31	Name: AWSALB Value: 3s3FtZl7m2YuDpM3K/+XTuA7xMyXjaKJfCIlmi0z/DwZdfbUuvyTJ9RMJoNVbMoHaHzKlRcXGO/+5TuEGMPrp0ng2gMsMdWLesJrMnA52ig3ArnSVLyg2eZJLPVv
z737.thestar.com/	1970-01-20 09:58:31	Name: AWSALBCORS Value: 3s3FtZl7m2YuDpM3K/+XTuA7xMyXjaKJfCIlmi0z/DwZdfbUuvyTJ9RMJoNVbMoHaHzKlRcXGO/+5TuEGMPrp0ng2gMsMdWLesJrMnA52ig3ArnSVLyg2eZJLPVv
.thestar.com/	1970-01-20 10:31:38	Name: s_nr Value: 1676906776315-New
.thestar.com/	1970-01-20 18:34:02	Name: s_nr2 Value: 1676906776316-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thestar.com/	1970-01-20 18:34:02	Name: _pin_unauth Value: dWlkPVltUXlZamMxTWpJdE9ETXlOUzAwTVRObExXRXpOR0V0WlRWak0yVXpZekptWlRnMw
.thestar.com/	1970-01-20 19:10:02	Name: __gads Value: ID=503e256d81572627:T=1676906776:S=ALNI_MZO3ppKf9-Ih_Q5dYeBNsQP9dHYKQ
.thestar.com/	1970-01-20 19:10:02	Name: __gpi Value: UID=00000bb9552872c6:T=1676906776:RT=1676906776:S=ALNI_MbGBxc3dUZHO5ntTLfOVGrbqPJk2A
.the-ozone-project.com/	1970-01-20 11:58:02	Name: ozone_uid Value: 2M0a6R2dkEiYGuC9On8kc4LB1ia
.casalemedia.com/	1970-01-20 18:34:02	Name: CMID Value: Y-ORGUw74oFXcWM-xQ7DSgAA
.casalemedia.com/	1970-01-20 11:58:02	Name: CMPS Value: 1111
.casalemedia.com/	1970-01-20 11:58:02	Name: CMPRO Value: 1111
.360yield.com/	1970-01-20 11:58:02	Name: tuuid Value: 51117e19-2a2d-4df3-ad57-13bffc337c0e
.360yield.com/	1970-01-20 11:58:02	Name: tuuid_lu Value: 1676906778
.bidswitch.net/	1970-01-20 18:34:02	Name: tuuid Value: a3c28f38-4a03-46aa-b9e0-fdbb6b3e9bcf
.bidswitch.net/	1970-01-20 18:34:02	Name: c Value: 1676906778
.bidswitch.net/	1970-01-20 18:34:02	Name: tuuid_lu Value: 1676906778
.ads.pubmatic.com/	1970-01-20 09:49:53	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 18:34:02	Name: KADUSERCOOKIE Value: CF5FFF50-0209-4E23-906C-6FBB21A5C5AE
.pubmatic.com/	1970-01-20 11:58:02	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:49:53	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 11:58:02	Name: DPSync3 Value: 1678060800%3A201_197_219_221
.pubmatic.com/	1970-01-20 11:58:02	Name: SyncRTB3 Value: 1678060800%3A8_21_7_56_54_251_220_13_161%7C1678147200%3A35
.quantserve.com/	1970-01-20 11:58:02	Name: d Value: EMMBCwGrKPijAA
.quantserve.com/	1970-01-20 19:18:41	Name: mc Value: 63f3911b-3c804-55f51-49280
.fiftyt.com/	1970-01-20 18:34:02	Name: fifid Value: c482c410-a9de-47e9-618e-b1926ec60da5
.fiftyt.com/	1970-01-20 18:34:02	Name: cs Value: MTY3NjkwNjc3OXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fPC2qcbYxfhVVNqDqCJH2Km6E6BXEalPqiH8eC0YBPX_
.adform.net/	1970-01-20 10:28:45	Name: C Value: 1
.simpli.fi/	1970-01-20 18:35:29	Name: suid Value: E6D171439FF14C38A738A623ECCC6879
.onaudience.com/	1970-01-20 18:34:02	Name: cookie Value: a3e759d2ae5a1dde
.onaudience.com/	1970-01-20 09:49:53	Name: done_redirects161 Value: 1
.fiftyt.com/	1970-01-20 09:58:31	Name: fppm Value: 20230220152619
.adform.net/	1970-01-20 11:14:50	Name: uid Value: 4113222612538765400
.de17a.com/	1970-01-20 18:26:50	Name: guid Value: 1.3197821246071138637
.pubmatic.com/	1970-01-20 11:58:02	Name: KRTBCOOKIE_153 Value: 1923-VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j&KRTB&19420-VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j&KRTB&22979-VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j&KRTB&23403-VbE_ZVqzaDROsTpuU7Z0Y1bkbGdOtmBkW7KOm63j
.pubmatic.com/	1970-01-20 10:31:38	Name: KRTBCOOKIE_336 Value: 5844-3197821246071138637
.pubmatic.com/	1970-01-20 10:31:38	Name: PugT Value: 1676906778
.pubmatic.com/	1970-01-20 11:58:02	Name: KRTBCOOKIE_80 Value: 16514-CAESEKSQMhbLNEyEtr0-ca_gIg4&KRTB&22987-CAESEKSQMhbLNEyEtr0-ca_gIg4&KRTB&23025-CAESEKSQMhbLNEyEtr0-ca_gIg4&KRTB&23386-CAESEKSQMhbLNEyEtr0-ca_gIg4
.pubmatic.com/	1970-01-20 10:31:38	Name: KRTBCOOKIE_391 Value: 22924-4113222612538765400&KRTB&23263-4113222612538765400
.mathtag.com/	1970-01-20 19:14:21	Name: uuid Value: ca5c63f3-911c-4300-ba73-952057127f2e
.pubmatic.com/	1970-01-20 11:58:02	Name: KRTBCOOKIE_27 Value: 16735-uid:ca5c63f3-911c-4300-ba73-952057127f2e&KRTB&16736-uid:ca5c63f3-911c-4300-ba73-952057127f2e&KRTB&23019-uid:ca5c63f3-911c-4300-ba73-952057127f2e&KRTB&23114-uid:ca5c63f3-911c-4300-ba73-952057127f2e
.amazon-adsystem.com/	1970-01-20 15:09:33	Name: ad-id Value: A79EOcmvQkQlk6mhMi1BUlo
.amazon-adsystem.com/	1970-01-20 19:24:26	Name: ad-privacy Value: 0
.onaudience.com/	1970-01-20 09:49:53	Name: done_redirects68 Value: 1
.onaudience.com/	1970-01-20 09:49:53	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 18:34:02	Name: zc Value: 9a61ac48-bc6c-4f08-5ab8-c0c10a2014fa
.zeotap.com/	1970-01-20 09:49:53	Name: zsc Value: %9C%B3%24%C3%A8%91%92%98%A9z%B2%BE%B4%AC%0B%23%86g%7B%25%89%1C%1F%C5%2C%3D%07F%8B%DB%9F%EE%CC%9F%90%60y%CC%D5%3B%C0G%DF%C4y%80%1B%25+%93P%A7%DC%B17%25%1D%91%E2%01%B0%13%BB%A98%89%3Cv%8F%87V%CB%AF%F9t5%D4%CD%3C%CA%19%2F%17
.3lift.com/	1970-01-20 11:58:02	Name: tluid Value: 2429126952906232347629
.bidr.io/	1970-01-20 19:16:56	Name: bito Value: AANrHk7H5yIAAB_KelGEnQ
.bidr.io/	1970-01-20 19:16:56	Name: bitoIsSecure Value: ok
.adnxs.com/	1970-01-20 11:58:02	Name: uuid2 Value: 6974417782864804037
.the-ozone-project.com/	1970-01-20 11:58:02	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2OTc0NDE3NzgyODY0ODA0MDM3IiwiZXhwaXJlcyI6IjIwMjMtMDMtMDZUMTU6MjY6MjAuNjY3Nzc3NzE5WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJiZWVzd2F4Ijp7InVpZCI6IkFBTnJIazdINXlJQUFCX0tlbEdFblEiLCJleHBpcmVzIjoiMjAyMy0wMy0wNlQxNToyNjoyMC41NDQ4NjQzNzlaIiwic291cmNlIjoiY29va2llIn0sImdyaWQiOnsidWlkIjoiYTNjMjhmMzgtNGEwMy00NmFhLWI5ZTAtZmRiYjZiM2U5YmNmIiwiZXhwaXJlcyI6IjIwMjMtMDMtMDZUMTU6MjY6MTguNjAzNzQ4NTU4WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiI1MTExN2UxOS0yYTJkLTRkZjMtYWQ1Ny0xM2JmZmMzMzdjMGUiLCJleHBpcmVzIjoiMjAyMy0wMy0wNlQxNToyNjoxOC4zNDczMzc2MTFaIiwic291cmNlIjoiY29va2llIn0sIml4Ijp7InVpZCI6IlktT1JHVXc3NG9GWGNXTS14UTdEU2dBQVx1MDAyNjExMTEiLCJleHBpcmVzIjoiMjAyMy0wMy0wNlQxNToyNjoxOC4wMzc0MzU2NjhaIiwic291cmNlIjoiY29va2llIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMjQyOTEyNjk1MjkwNjIzMjM0NzYyOSIsImV4cGlyZXMiOiIyMDIzLTAzLTA2VDE1OjI2OjIwLjI0NjI2NTkwNVoiLCJzb3VyY2UiOiJjb29raWUifX0sImJkYXkiOiIyMDIzLTAyLTIwVDE1OjI2OjE4LjAzNzQzMjMyN1oifQ==

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.06046900679055245, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.06046900679055245, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.06046900679055245(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-1109323de58fbf93c34cede3640c090f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.06046900679055245(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-1109323de58fbf93c34cede3640c090f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.06046900679055245(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 184) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 184) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-1109323de58fbf93c34cede3640c090f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-1109323de58fbf93c34cede3640c090f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=130868833232? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=130868833232?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://rtb.gumgum.com/usync/%7B%7Bpub_zone_id%7D%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r={{redirect_url}}https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dmx.districtm.io/s/v1/img/s/101995 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
14b52d1b072ff60b280908348c934474.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.btloader.com
api.permutive.com
api.thestar.com
aud.pubmatic.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
btloader.com
c.amazon-adsystem.com
c1.adform.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.petametrics.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
crb.kargo.com
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
eb2.3lift.com
elb.the-ozone-project.com
engagefront.theweathernetwork.com
events.kumulos.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
images.thestar.com
img.sportradar.com
loada.exelator.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
misc.thestar.com
mwzeom.zeotap.com
news.google.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.thestar.com
play.google.com
prebid.the-ozone-project.com
push.kumulos.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
region1.analytics.google.com
resources.thestar.com
rtb.gumgum.com
rtb.openx.net
s.pinimg.com
s.thestar.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
spl.zeotap.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.app.delivery
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.mathtag.com
t.co
thestar.com
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
uswidgets.fn.sportradar.com
visitor.fiftyt.com
w4o7aea80ss3-a.akamaihd.net
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
z737.thestar.com
dmx.districtm.io
104.18.25.185
104.18.43.178
104.244.42.131
104.244.42.133
104.83.4.234
13.107.42.14
13.248.245.213
13.32.10.16
13.32.110.118
13.32.110.88
13.32.27.112
130.211.23.194
141.94.170.64
142.250.180.194
142.250.180.230
143.204.215.37
144.21.37.35
15.197.193.217
15.236.117.205
151.101.129.140
151.139.128.10
172.217.20.2
178.250.1.9
18.156.0.31
18.197.178.152
18.65.40.206
18.66.112.68
18.66.147.84
18.66.15.53
18.66.17.43
185.29.132.245
185.64.189.110
185.64.190.78
185.64.190.87
185.86.138.154
198.47.127.20
199.232.16.157
2001:4860:4802:34::36
213.155.156.168
216.52.2.6
23.203.124.192
23.203.125.127
23.62.220.203
2600:1f18:1430:9001:19d6:7df1:3355:8814
2600:9000:21d5:3400:16:970:b940:93a1
2600:9000:2304:9e00:2:53b2:240:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:346
2606:4700:20::681a:890
2606:4700:20::ac43:4686
2606:4700::6810:3965
2606:4700::6810:7daf
2606:4700::6812:af
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:80b::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c0b::9c
2a00:1450:400d:802::2002
2a00:1450:400d:802::2003
2a00:1450:400d:802::200e
2a00:1450:400d:806::2003
2a00:1450:400d:807::2002
2a00:1450:400d:808::2004
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2006
2a00:1450:400d:80c::2001
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2008
2a00:1450:400d:80e::200a
2a02:26f0:11a::217:9a4a
2a02:26f0:dc:384::1931
2a02:26f0:dc::6853:411
2a02:26f0:dc::6853:423
2a02:26f0:dc::6853:429
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:b0c0:3:d0::be2:3001
2a03:b0c0:3:f0::1bc:5000
2a04:4e42::396
3.124.74.224
3.70.39.209
34.107.254.252
34.120.23.223
34.226.39.112
34.241.134.204
34.96.102.137
35.190.14.224
35.201.96.126
35.204.158.49
35.227.252.103
35.241.9.51
37.157.3.30
37.157.5.141
37.252.171.21
51.104.28.77
52.17.99.225
52.208.136.62
52.208.37.125
52.30.244.165
52.57.1.21
52.95.115.196
54.170.158.38
54.230.111.210
54.75.223.203
54.78.254.47
65.9.61.60
65.9.84.139
69.173.144.138
99.86.4.121
0050079bd68c7abdc5f400eaed6bc14f6c1fe15b24a8e3a0c7594afe579e1d6c
01431571aa19d8688b4d6bb671e5f1107ecf7687d5a57424b0687bf0718bdca9
0161411eb07c7eed568cee35d72579fbcd42238678effbd461afaa6d1cdbb958
01f9937ff57ec53a868c7b1ed9f2ff738bdbf0938ea1b47facb61ba1e01533ed
0214bccff291b8c70f435deec7aade49bfe426094de9c2a6308c0ef04e491db9
02d9333b0e649c992fd0807897da2f2e8ada8428dcf8e98156d932af38e098c0
0372efae2ee2ae85f8929bb5e36cd4e7d2eef97cd131e7529e0e3f34aac5eced
055199e88ce9b36662e1e36983627d54bd08f60990ff6a417c17ece1baa002fa
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079e1954d6a209a39d6f85006b4059af195a1b183d84ce680d334b3f2eed7f29
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0b7df0a2e57842100cc1dd132a620299112d458bd6006e7c3489ba767e5ce1f1
0ccd47129b602659af28543b0153f94e42bfbacad6db52c050bc815eef8c1fab
0ea92c04c03d7da0e4608664dfb06b8bcf85ac91e2f58a8b984620247f447cca
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1017e728ebf289976c62b32e2dcea733c24cfb1dbf3a981684794053cf7138d6
113ae46ba8ba43b2f3858fb6f5f2f75fe4a88514986c92eb44df085b8370efc5
11786b4b7573936aa09d9e7362f88d5adfe4efaceb81157a799c200234e9649e
11cd4799ee446b320ba35c403326f5d1ab97aa5637981bfb254b2efd8946445d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1283260f918a5502f12907cf1b6889131c24d93a566a48c2c1fce278ed519fd7
133e78094b79cf173838dece80d8851d12128a0dbfa40e66792d5b644e2e42be
13673140e8b594d1fd056e71176f4cc7c1959bd7a0d3ab3edcb63b4e3125072c
139c36234c15d74808b6156ef8e3d533a4a2dfd4ea6447428091ad4b6916b8da
14736ea197ebca8a0d176ead1e22d2b1cb277d5c37a0c2780cff25f24bd56800
16813ee69ad63d99aa9787d1775bafd5ca6520920b201380a1ef5a2ed8ce01d2
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
16f4d4a020170b77143cbd0a533cbb47ddaf54605165b8702d4cdaf42497e988
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19f84f9bdbfc16c725b9fdc3ad32cbda9a06297d5e60903eabbc82d04432c837
1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95
1bb68666c895cbf2519306a8357591db7116b2044c5ed296750425a0cbf36681
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1d5b3cac20aa0d3ee123708b7bdf4297a5ad18a5b66a40e129b2a0b0f369765d
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1db8541b79fb3e93f496105e6e8988bf7659abdda6b1ddfc32447f1d8f9cf4e2
1e87c64fc5019f2989d0e3fa2dd5eafbe89fa0a95823f8ab35628f6f205100d9
1fa5239070034c111365ad67e9049e5c8f44228f88432bb287f19834fcd42a74
22370b96ce6e69821dcbd28ed85b5ff719536b130d62cbe33002e91561393fec
22824dc0ec1facd07218e85b2dd3a0d8767392018c5f06a28002ef329b5322b2
22d0b91ec68072cae9a346e0d19f85f9a52bada9995b36a0955cec7cb0cb1cad
23a71d4d060f464cae822c10f00446f662ac4fbff4a10b58729477204692ac22
23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
277c85dfb71aa4203d2a2e7d8adba8feff699eba22e676a423e477b66eec6467
290f6ad57a5d930c6ab219c2b10de2df03c22556dfe8c1e2d5dfe5a4b644231b
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
306fcd66df6ecf9ae9b422f505b38f070f09f543d40d53a9eb7af806cbdf274a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32dafb333f0a3c6d08491b81344921ac813229b0454f985c9f839dae5d2a3e1c
37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691
3765bb82192e22ad1f3d00ed8b65fe682357bb27cd5e811c32166cfea4582e60
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37d721ab09d7ecc8674cc2b199fc59290630a9c02931de297eb796508876fe26
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
38350f80b554684541ab0c84d7812ea3efa1ffa64de4e623e2e87481409f07bb
3852fad8e968c198e6803457985ec180654856ede3604b5ac1efa27a43f2b147
38b451c034acb28aa918cfe37af2fba1f5ace232675e60698b4624503da2df47
39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177
3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0
3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e
3c74637b272b33ef13a311619784f25883dd87255db98acb7673be98ae6737c4
3cc2ef86bf2df52f2d5791cbf2c845535937f48f93d6caee4af477a4f78c3af2
3e193e03a229298edf1c95f0e1ebd8f41f7e3e9c2e840e021be65c8270b31240
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9
3e6d1176c5d058a5c3dac1c1d0cfd2c4980822257f89e9874232cbaee1de1ec4
3e83daec6130a02251e1f9adcb5b2988f32d2626c3e7a5f227ba1c3162df95cc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7f7da186fb725a209cb55c59ef2c4d8794d6d91be302be7738e2b5ee53961c
3fe16d8d7a5b0018a9a5c811c32fabe3df9555f530662ee225abd70b1fb498da
3ff9b6d3b0445fdbdb44bad2855b9f9870ceb03078d8c235447af654250eee98
4272282ad7fed99cf21178d7f48758985ce550be0d20169fa4f5ef7d397511ee
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4429462b2374dfd8d837655d998c6e810ad666e1dff34cce0ba81ad61b712857
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
495b7c7c3765a39759131debdf44c8d98832b57b33b826c9c683087ce9f91313
4ac2e2b7b619edf1b495ffc37e37a82e1703e06de617cf94672c18be0b311c6d
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4cf27024dca8633f9f6ca04ced2a6349697135916fdb8b9d74d9d121489c24de
4d6e98d7c1dac35b4056950f7242822f5ec39410f02500ae6143f0934a192023
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3ccf8c2c2b9af713ed206e0172b4879b813bbea8f4353b4bd37b3851bb9ef5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5019e40a161c71cbf4fc8b1fc0a1809456b3cfc7fc93eadaf7b374cdb0cb9c60
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50432d7620bd89c981b3fe4e5788a6cd4bce86f442c07e8d8f40d7986dffd69b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b4aad2f30d3357783d9b9e2e1a1c012dff77acb84ea338e8c888fef5356f08
5125a55eb763836951e1ecd81a60376a5c3bad8cdf20c648d20838e82f2580fe
5170a924bcb49afce63a034a3e47ccce736fe0f50c04bc9dd519433f71c781be
518ac6114d071a661ec95f44da7f3f142902b60802d7b2b8f00922e03e6d7d01
519a62ab9306f4f13def7d6d6a904b266ed61d161b34c455a5067cd57f96f1ef
5237ab4a7c36a333f6830bdbe93bd9a817407a5996032f61cc107c7c80a75cad
52d729ea29f757260fa22c8b6ff911e2a2ff5d889852205a86d605b7dcbbd002
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55e49278f5d363c5bcb8f4e3377b58e7bc6afafd407a7acdd2b9e4b8b35f49ee
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5658502595fb6f189e595ebed6c12baadc5aa900b6c2bcce7bbf634ec8679c95
565a965f6901f69fede67f46bd4d9f011dd562ad828cffded27e5e301a616119
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b8ac7bf8716deebf371c571dcae816105396f17f687e8b1a6b55dd1011e4718
5c4ab39fdd9cff99823ae4a996b025f5425db6050da4781d3ea4ede12436597a
5d99fd49ddd01b44f8e57941e044ed69dab805865df165054797516b813397f0
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5f5f99537085a5b766bf8d03543630228ff01581857ffd2594416504f2dc6204
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
601d52067791cdb3d53ab7091b146b91eb96cae34a84af3d6d2bd7a439ca50e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
65cdeb8c2e4409c5fa39f01bbc43a9b3402eba097e9dd59dc109435ad3743ccc
669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0
694aa20101c2b95753afb19f93dcc0816acb00bfd7fba802a6880ffa6bad2668
6a23cc9b24c807108d12f433bba3bdb6bebba90c669d6739efd41528fd5008f0
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3c845c9d6c0c489076f77bebbfaba1ac41b2b05ad6dd5abb0abc9e64d427bb
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6c71e1985a592bf55c844140c3be46cf16350c41773beb14b58f9369ceb2ccfa
6cee237405198c5d2bfbb3023724666c7472435ba9d7d46f1cba226237adbc95
6e64132e8c397c047ee4ea81d1200a00b2bdacd788c85fc8ac85d5b95f67247e
6f8f56a9c5d675cf42cfe6fb885c1c16058c3281059b1335cee14baa4ab491df
71ec2e27a9f7068342d035e08feac6abac85c6f9c80992a8e3fb4bbfbfde9973
727b7d1aa6be3039cee77a8168b1dc503825746fcddc58c61f83778c915bc18b
72895d3d03d22457d48e12d87fdf9d933aa39d2edac6d0f2d5e5371a27694aa3
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72a78d500aacaed9ea84c52c9d91f149a0b463d45850b342c048e455efcf180c
72c43ffc820c80c1fdeebe16fb3a15974ac587bd9cca625479aca515847ee00a
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980
77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3
77ddd74b7c9977a893eb72170a06603971bcf4678b9e67630a42d5d896dff3d1
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7a3ee8afd08481eb3023cf7b0c38150be12a2f04dac46e688e232b2089fb0081
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
81213e09ec09abe060a47d101767ef8f2d2cce6f1212b237541cba0445bf730c
82f59a30f5185074ab367843e8f649d0e2f4f6bbff6db8c9a852931d220f0699
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d1b1058b4dd1a0e8b7ed011445d8cc0d0e363a5f85f1b1d688c8d45232c6e4
852711ee8cd6e8c26f1f29118fa19e029e260980f3db7fd4979a7e070a58f8a2
863517b74c54c58e9f13d52bd9d318f6cb00b20c0e0ae94f9d42b7036533e0ac
8672c38e460541eccfdbdb370f8d2588acfff4ecb85be0e982616a4237ff52e9
868015ece7ce9bbf7406bc51149ed7d8e0ab57726312186b3efc6a2cd7aa056f
87595354d25d77e864d2685041c75c7fbb39c0a3adb9f662b738ece0e2440d29
87b3e9965e9b9ad4b40a8a0275c2eee49acb5445dd12f6540bdf76be00860b74
89296988b553a1c37ee245a7923e3f8573de85ad96613cc21bf67fd5216cc2c1
8935c31f7c2bbbe1e6c6d58b714f72c4f9c6b0f8d7095b74bdc333d9e5828a97
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c5ecae7f2e27227c9b2af698aaef296246fde5c5c56f599bbf3aee4f392b3fe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df00eec032790021597a4e83a08c313dfa9f323b33cdbf459905386a3aad9a0
8f2a7c261243cbbb138f67e7aab68d08da9acf413efef225aa76e1d20563b962
8ff66bd5e95961b0ef181af5486785a833f982def35e19317d4301578e81c329
90682e2f91238907278d1e36d649ccce58bf45cf12c16f157308a2009547f8cb
907ba9fed2109d0304208952fd6adedd13ada40038571177d774347485e5683f
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
9322c0592ca0d89c8d9ead55b943de67151983ce85ded021bcd9c14c3551b1ee
935e8953170520efd41c017d11cc192256d0975b9ddc0716397e5707fad32d00
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
962e0598efaceb0ca367d3fcf587550d9edd875aa9652d3967481d646e128d97
983830d076f076a85f8957a9b30e0f8ab9efe74740300b2dcb7e196902b7d15b
988dbed8ed201c622e0ed81ad0a5d050ab23ecd1abf128bcef51981a551f2e7f
9932594dc608a24d9cf18ccb560a41fc3c9e5eb0ee0a82fe4c3be55f2fcee902
9a970729a757babbf53a1b34295674b0cf66e34207195a2aa8dec9aa99f8b75c
9ab2e46d4a5c942c7084d4c400660e5c048ab256310c070c8d374371c829dafb
9af7ff3e8febc36ecda905d543cd37b6f47c3e8568c73b2f33533721440e7541
9cd87dc511a1f132a0690fce2149a427e8075eaee076ca59a6efff3a9dd94329
9d760244cff138c1b28b592766f9d28505e39085822fa656ba6e3fc9b7524e77
9dd353d3cb4c4bc3fcc11e7f27efc692854c9393d6221271b3aef3385ad6293c
9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a3d6613aab2e0b0c074c485018837e7f44c0aa97b35178dee91b456d5f3744fe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cf7a559cce212513f2cb3038a080a32d9569a3cf6cbc61fac2b5c3284661da
a52376c24089ca091a0bcaeed02d6d76a0437da4920649c73168185167180399
a59fc37ee877f8da5810c3c20e0164401ee06d8e82233484f7d194aaf12c1005
a6657bab9b3714f0e344b2b5b479f7ea0f172c6ac783173eae919a0df1ab0015
a7d0b15f25fe9fa8c9719d7b2aff22e81d46597e1a0ecc27e4ae9526a4e1c61a
a7fba2553ac021c30a12d68cf4c4d356f891e0446bfc485aaaa72c171557ceac
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
a95587924d5e599aa68f8579afdc459de1b2ba5c8b49c1245e48730570d56f99
aab2191bf1f8ee672c1e6b7e69e61e522eaad87c21b62b026705890c3f4ab324
abbc13b8fd02952a393ff9f4b725f02d43f9ebb3e7372993c8cb5316f76dc037
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9c76e58b436c190e907ee92ea72e556a1ce1e04a2be5aabb1db79ab4b0067c
ad483a4e616636b1165205d04324f8e67d47c02c6d9eca0c99d99dd1e2b56f2c
adf278355a1dc96030d992f6a09e91d468533d6fd887cc7b6fa34d2e3f205ca1
ae1f23a547a434afdf2a93c6c4d0e6db588182a685b7be83c636fbd0d7ac5e29
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0749136966e158d6d8b14b16a4306f9332c1c0fb6b29b82fcc1d64988cd2bf1
b19bc84da485c8ffd813448e4e9f11e54d9ed997f114e2dfe77760ac7bd253ef
b2c466dd2a3896a3c926fc2c01d4537a39e4fc088e50e2d7c9ccda1cff468399
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b4fd2de60b8481c96389f922d2dc242dd752caafa571b554ab37f24cac19a1e8
b510010b1ea49b86ded8ad5d032d7fa3501c86b54d85b5bdd500bfb4e8897ccb
b55ef71df76bafc413dcf3aea75d1e2a0ce02e2d1a935beea85eaeb83948da04
b56c556495a14a708f109fd9b6d7c25820cf45558f8894e5cfc44a93a3ff234d
b602ec6ff3eff493e3bd0aecd0fccae4b8a85969806487cb21359b57cab85ee7
b74868aa7a67fe02d92ade2e51c6be9cd1d01c26ddb848038c13835e1ffc1749
b7567100e20df3bc26ebb97db95e8ad419a4e87ab9e444ade798a70075ecf131
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b9be933f76eee1c4bfe2b9a0e6719b32a5bdce5a4bc15601aea168e20e13a30a
ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bc490e038d5326852b3d7e2454626501505f5152acd24879d477fa91537413e6
bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f
bcd77a8de364a1afd1c68de2ecf6afd2aac5e4e1f28c4570cbc1fa7d3f64054f
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
becd488761f039c10fcb9769ac7b6f418404a7078e2540fd4ea252dfbeb7efe1
c07af69ac6b1f31bf4c0d9817761d671c783f97adad1b68c5d3db118bfe4fbe1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c275663c0bf2d8e013a6b361147a9d64e66ef58ebe7b7ca4aab58e98bdc3c556
c2789481eb03ebaaac567af091a3f7a9032d8387bab5062279694821d7c1aacc
c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c562b8b442350f327120f26c201ebf8f9e7101bbd7432506be9003181513814e
c57d9b1667805a27dca7490697875ae0fc89b17f8e05ff8256e5c2d9dae2318f
c58f8e5936475ccc1652431fb9490a3fc58a0aa7971f527e9fc9b5f5fdde7a0a
c6d4d8213ca83d7c18ba3efb1ec63520f5f77f136d1149ffe2cae00e69294fd1
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c982fb8f9251405427409102a2d61a2e2172fef50b18abf183e7d5deebf42ee6
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
cbac6833414d4e1dee02c0649990e0871b6f297ac84b8d186e06e381909944a2
cc2b3cbe3d04b4e1c8e633bb85993b369fb74102947a165e28dacca9072c423d
cc5a99f6eb6996f777068faee5526cea00697fc3e6a2da178facc40ff050899f
ccf6bab8590bed074b9bb50cafb050482ab3d27310aa1f24e9cfd8084a1a2295
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cda39d9bc1d25d517c64207fcee35edc66deae4731e16c8dfdb60a3efbfe95d1
cdfc386cb96ae30a9a30918bec2434a76440793c217beaa72eb30d43c54b5a28
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5f1f9e584638f376c69d870e795a2d985fe50a7ed21840031eabb66f83554a
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d00308e44ab7122fbe5e999e7cea842340331c2410abc8a7b47abcad7943988e
d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174
d0aaaa608c3937f1807274795f3cbc7b0cec7b923a7e6df2fcd38b865c68ce61
d36c54decc5cf54aca6c0fcb9f52843c1b20d2a9d83946ebb82edc8f0ca0e577
d4d2499128d80aaf4ecfc5591f4ca52a40582b33357538097ab37e927a1a327d
d60936cc54d80b305e22fbaacb80d8bec9570bdddeb7a4759fb5ed97210f2e92
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d6d451e072ec74f06af4020fe1df2d62790b7068944174fdb93039b79f35ac54
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d8952ae412038692e1106de16b87d8fde129c20752304517d6d32a7c6aadff3b
d912b1f15a8ec1a2470ad0f6712708a3a558422b10d068b0de4b8088c0e4719a
d942debe3a1885917790b191610647c638a1fb6305332c117b5898ce837069f6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da14a6daf057bccbe9c244b7c20a4c1347114fb87432cf44f7a7724f197e2887
da19b08345e4abb1c25a74171290b6a59face2beedced6568f16ffda7192e4d9
dbbbf23ed33c5c41ee200e1515376d181f2fdff680d380546c5d22cdc0d7c895
dbfe0921368b1900c399535b82f79911a027369bb65ccaa619f5a85067a475c4
dc0242ae1e673795bd1b4e4c517f75adf1d567211413f530f77a701c7abfd121
dc048c09a8d760da2274f28563f1733f0b12d668122d570226c35870cc939d07
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
de09f3dfcde43c61590f150ec87757827641108ec23764a72cf5fec540aa2217
de3c9164ec8353fcd5566e0bf8ea17f9f5b6ccf5d0993331231d6ed3e7f38495
df99bb7ecae0e07d926291f61c1443b3f7fceb84590b84334650967fbf2cd2c3
e13dafc848e0598e8f2f95e0fb032539a0f3041fc0cff98ef90edd8326a41e96
e1d04f2f640f20921d1bc729816fb34af95ff85a32540fe728b90ca3c7f547b7
e2464edc3b0a438d1d2f48d6f6c384e692c04eae5192e283f2aa620310ad01aa
e2a12beebbbe3d40cb502a94e4ae2e4b43db740840e622252be5381f1f57a7f9
e333b50007da5ec153923701373c90e3ff9cf4138a13e1c4e786317209586a18
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c48a6bc8f90e3869f76bf2f1b162f82fa09cc200cb63d724dfbf142b94ff4b
e6d1a998d5c1cee3937889ffb63fff03ddb2ed05830ba548a8ef7299059ca73b
e82078e20d20460f1fe9128519500e011cd7a863223d4962994af2a6cfee75a4
e84241c754ae499317c9b231b08af54bd2aa760a567e3c1d95cf0b2b8f93a0db
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
e9af563eb5650afb1d4b95be0aa703d7dc18d1369e4402b6693119041289082a
eb139fa7734646663dca1f30b3c0cdf3607e97e8a87ddb598338dc73752105cd
eb4a0d9cc51a5189a71ba5f8141a073fcba163d4bd4e1bf3544d6b9b273a9fe8
ede3e98685145df9db9bdd8b856461821b44edacc722c15e7c8ee3a4dd05c951
ee2646eeee155827873a2d4da07b15125c2a7c229c4ff0bdd41bbf9875a4b8b5
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad
eeb0699c78d59c010277b0e15346b23ca8253cc9daccfc5be3cd22e7b068ba2a
eed5e336ecde259bdd303b64a05230a79af84e3526e3cf74ff289874244d898b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18723aa0ef508f5ea3884ec43e65d59254bc5054bf748ebe6876d5c0a38087a
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
f280e8da515d7d7dcb000c859c68ee73dcbc326d3ac155bd8ebb77c46ab156a4
f2a2efd979c02c7dc9bf76722c748064e7bf0006672b953aa300bb7d7b4a5cc2
f3b8b0ffb62153fce532bd01e49623a39f770f344caf695ca3b8c856e1a93a17
f3e8e6482cdaaed4f4bffab132ecc638d2eaecbc9d3f86786b31177db070e170
f49abcdbdbcc0056f22ba91c03102bb1302001050b832aa5d0ca47e6239a3085
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f609e5180b9f198663bbca1607cee06832b5dd007631a1b73802cf25175d106b
f621c1f053db4c22a038a405ad7d80460a311e6cd76d3d1e912d568411e28830
f714284844d7394bfc3eff967532a4513a2d020e8c5bc166d5b0a5067389d648
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f942830d6d2445ec31f89bf658fba50d2e909c5b6e7a3d0a5ac61d785c70c85f
fa94fbaa578830445a67c013ef7c5fa47cd7a5e7ae96da6acef038ed86629e10
fac0d95e16adbd3691bdffcd95acb20683694c19f1607b131f4b943465143623
fb0faeeadca67d5d46c1e8a6b1d6d098c293b5108d4e27157b46041bb2937f70
fb60690105f3079674472358be6ea5f803f4468e120500627e77b9e75abea178
fbcf04045760bdd64cdb5186481030d74b9ae2f3d47e4285cf594b9f325fa8a1
fbfcc9adfd57d9b82f693afbfd7de72b3ffec2c3e3616e5005986f69ff1c1225
fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc
fda19a8645a29c17a87fc77eefa3a40bfc9e92a6ac74933be5d6dcae8d537a3f
fdbba12c402117c31ae8c4ac6379ba10cc9af7d99db5a31c4e5c0d14832614af
fe0cd2a0886e1bb2b7096cf665a10a8d60b84c52ced448c293ecc5858028f49a
fe0f5e03002d8c1e5ad75eba9fd2cec353201016df01734e6f9ee55fb6117fe4
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
ff91b424bd7d4213b1804625fe11502a7756771af41804ea1827ae328cdf187e
fff977d5d2f16e3319b9eb3248ea8a9fd35b730cffd8c2d6469bd8bcbeb03bd1
fffab59cfc7776576b8b01a070d76e2cf194e0d2b694a2dbcd77e2b37e216bf5

www.thestar.com Open in urlscan Pro 13.32.27.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

458 Requests

93 %HTTPS

37 %IPv6

78 Domains

122 Subdomains

95 IPs

11 Countries

6409 kBTransfer

19824 kBSize

115 Cookies

18 Outgoing links

Page URL History

Redirected requests

458 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
13.32.27.112 Public Scan

Screenshot
Live screenshot

Full Image

458
Requests

93 %
HTTPS

37 %
IPv6

78
Domains

122
Subdomains

95
IPs

11
Countries

6409 kB
Transfer

19824 kB
Size

115
Cookies

458 HTTP transactions
2 data transactions