www.thestar.com Open in urlscan Pro
13.32.27.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On January 29 via manual (January 29th 2023, 4:26:47 pm UTC) from US — Scanned from DE

Summary HTTP 426 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 94 IPs in 10 countries across 73 domains to perform 426 HTTP transactions. The main IP is 13.32.27.75, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 82584.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 27th 2022. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	99.86.4.121 99.86.4.121	16509 (AMAZON-02) (AMAZON-02)
6 60	13.32.27.75 13.32.27.75	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:8000:16:970:b940:93a1	16509 (AMAZON-02) (AMAZON-02)
21	13.225.78.118 13.225.78.118	16509 (AMAZON-02) (AMAZON-02)
1 8	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
21	13.225.78.21 13.225.78.21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.123.32.111 193.123.32.111	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
11	13.224.189.108 13.224.189.108	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:990	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.72.172.171 52.72.172.171	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.194.76 13.224.194.76	16509 (AMAZON-02) (AMAZON-02)
7	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
5	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.108 143.204.215.108	16509 (AMAZON-02) (AMAZON-02)
1	13.225.84.171 13.225.84.171	16509 (AMAZON-02) (AMAZON-02)
1	13.224.194.170 13.224.194.170	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.180.198 142.250.180.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
29	2a02:26f0:dc:... 2a02:26f0:dc::6853:411	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
4	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	34.251.149.144 34.251.149.144	16509 (AMAZON-02) (AMAZON-02)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
19	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	52.213.249.147 52.213.249.147	16509 (AMAZON-02) (AMAZON-02)
2	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
1 1	18.203.152.154 18.203.152.154	16509 (AMAZON-02) (AMAZON-02)
14	54.220.90.47 54.220.90.47	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:b0c0:3:d... 2a03:b0c0:3:d0::be2:3001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a03:b0c0:3:f... 2a03:b0c0:3:f0::1bc:5000	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
9	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.87 13.224.189.87	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	34.120.23.223 34.120.23.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11 41	2a02:26f0:dc:... 2a02:26f0:dc::6853:41b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1f18:143... 2600:1f18:1430:9001:19d6:7df1:3355:8814	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:dc:... 2a02:26f0:dc:39f::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:6000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
22	2a02:26f0:350... 2a02:26f0:3500:14::1724:a24b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
3	104.111.216.191 104.111.216.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.191.98 13.224.191.98	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	54.170.158.38 54.170.158.38	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 2	67.220.228.200 67.220.228.200	16509 (AMAZON-02) (AMAZON-02)
3 3	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
1 1	141.94.171.214 141.94.171.214	16276 (OVH) (OVH)
1	34.248.202.189 34.248.202.189	16509 (AMAZON-02) (AMAZON-02)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.229 185.64.189.229	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	18.195.181.132 18.195.181.132	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
1	3.64.129.233 3.64.129.233	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	35.156.218.117 35.156.218.117	16509 (AMAZON-02) (AMAZON-02)
2 2	54.155.166.244 54.155.166.244	() ()
1	198.47.127.20 198.47.127.20	() ()
2 2	54.229.240.67 54.229.240.67	() ()
426	94

1 99.86.4.121 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-121.fra6.r.cloudfront.net

thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 13.32.27.75 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-75.fra56.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:8000:16:970:b940:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 13.225.78.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-118.fra2.r.cloudfront.net

n511.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 13.225.78.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-21.fra2.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.123.32.111 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.224.189.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-108.fra2.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:990 (United States)

ASN13335 (CLOUDFLARENET, US)

static.app.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.172.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-172-171.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-76.fra2.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-108.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-171.fra2.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-170.fra2.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.198 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:26f0:dc::6853:411 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.149.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-149-144.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.249.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-249-147.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.152.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-152-154.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.220.90.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:b0c0:3:d0::be2:3001 (Colmar, France)

ASN14061 (DIGITALOCEAN-ASN, US)

push.kumulos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:b0c0:3:f0::1bc:5000 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

events.kumulos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-87.fra2.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com

engagefront.theweathernetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a02:26f0:dc::6853:41b (Vienna, Austria) 11 redirects

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:1430:9001:19d6:7df1:3355:8814 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pixel.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:39f::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:6000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:26f0:3500:14::1724:a24b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.216.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-191.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.191.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-191-98.fra2.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6565346e768da3ccab6a9010f3702569.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.158.38 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.228.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.208.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.214 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.202.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-202-189.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.23 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.181.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-181-132.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.129.233 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-129-233.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.218.117 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-218-117.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.166.244 (None, ) 2 redirects

ASN- ()

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.240.67 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
124	thestar.com 7 redirects thestar.com — Cisco Umbrella Rank: 58398 www.thestar.com — Cisco Umbrella Rank: 82584 n511.thestar.com — Cisco Umbrella Rank: 240143 images.thestar.com — Cisco Umbrella Rank: 105486 resources.thestar.com — Cisco Umbrella Rank: 188408 misc.thestar.com — Cisco Umbrella Rank: 767248 s.thestar.com — Cisco Umbrella Rank: 271929 api.thestar.com — Cisco Umbrella Rank: 301032 pixel.thestar.com — Cisco Umbrella Rank: 344333	3 MB
92	sportradar.com 11 redirects widgets.media.sportradar.com — Cisco Umbrella Rank: 45872 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 61050 img.sportradar.com — Cisco Umbrella Rank: 37184	845 KB
31	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 5696 region1.analytics.google.com — Cisco Umbrella Rank: 4470 play.google.com — Cisco Umbrella Rank: 16 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	149 KB
20	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 9780 query.petametrics.com — Cisco Umbrella Rank: 10553	70 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	771 KB
18	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 ad.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 378487 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325	188 KB
17	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 19377 elb.the-ozone-project.com — Cisco Umbrella Rank: 8244	94 KB
11	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 733 simage2.pubmatic.com — Cisco Umbrella Rank: 665 image2.pubmatic.com — Cisco Umbrella Rank: 872 aud.pubmatic.com — Cisco Umbrella Rank: 4113 simage4.pubmatic.com	27 KB
9	googlesyndication.com 6565346e768da3ccab6a9010f3702569.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	44 KB
8	kumulos.com push.kumulos.com — Cisco Umbrella Rank: 167708 events.kumulos.com — Cisco Umbrella Rank: 112731	6 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	500 KB
6	google.de www.google.de — Cisco Umbrella Rank: 5986 adservice.google.de — Cisco Umbrella Rank: 8741	1 KB
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 44234	27 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 291 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902	52 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4474	113 KB
5	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 568 cm.adform.net — Cisco Umbrella Rank: 1400	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 575 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
4	permutive.com api.permutive.com — Cisco Umbrella Rank: 1886	715 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 779	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 351	12 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 777	3 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 197 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 235531	5 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 789 api.btloader.com — Cisco Umbrella Rank: 909	7 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	360yield.com 2 redirects ad2.360yield.com	680 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	967 B
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1634	673 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	688 B
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1332	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3641	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4143	562 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 329	798 B
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 3490	996 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	529 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 724	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	257 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	194 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2620 p1.parsely.com — Cisco Umbrella Rank: 1995	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 912	1 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 148	2 KB
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 276935	2 KB
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1833	307 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1727	360 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 502	35 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 767	612 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 757	265 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2833	553 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 632	590 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 696	363 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	725 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 308	239 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 592	277 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1512	157 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814	378 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 623	725 B
1	t.co t.co — Cisco Umbrella Rank: 531	377 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1394	8 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 625	15 KB
1	theweathernetwork.com engagefront.theweathernetwork.com — Cisco Umbrella Rank: 1715	309 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1000	517 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 304811	394 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	27 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 428	54 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 75103	789 B
1	app.delivery static.app.delivery — Cisco Umbrella Rank: 45701	32 KB
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 253511	447 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 246939	132 KB
0	districtm.io Failed dmx.districtm.io Failed
426	73

	Domain	Requested by
60	www.thestar.com	6 redirects www.thestar.com
41	uswidgets.fn.sportradar.com	11 redirects widgets.media.sportradar.com www.thestar.com
29	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
22	img.sportradar.com	www.thestar.com
21	images.thestar.com	www.thestar.com
21	n511.thestar.com	www.thestar.com n511.thestar.com
19	query.petametrics.com	www.thestar.com
14	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com www.thestar.com
13	www.gstatic.com	news.google.com www.gstatic.com www.google.com
11	resources.thestar.com	www.thestar.com resources.thestar.com
10	www.google.com	www.thestar.com www.gstatic.com www.google.com tpc.googlesyndication.com
9	play.google.com	www.gstatic.com
8	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
8	news.google.com	1 redirects www.thestar.com news.google.com www.gstatic.com
6	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com
5	www.google.de	www.thestar.com
5	fonts.gstatic.com	fonts.googleapis.com www.thestar.com
5	misc.thestar.com	www.thestar.com misc.thestar.com
4	image2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	events.kumulos.com	static.app.delivery
4	push.kumulos.com	static.app.delivery
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
4	securepubads.g.doubleclick.net	www.thestar.com securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cm.g.doubleclick.net	3 redirects
3	ct.pinterest.com	s.pinimg.com www.thestar.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	bat.bing.com	www.thestar.com bat.bing.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	unpkg.com	2 redirects www.thestar.com
3	ib.adnxs.com	2 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
3	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
2	match.prod.bidr.io	2 redirects
2	ad2.360yield.com	2 redirects
2	x.bidswitch.net	2 redirects
2	rtb.openx.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	visitor.fiftyt.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	ads.pubmatic.com	elb.the-ozone-project.com ads.pubmatic.com
2	eb2.3lift.com	2 redirects
2	ads.avct.cloud	2 redirects
2	match.adsrvr.org	www.thestar.com ads.pubmatic.com
2	adservice.google.com	10230056.fls.doubleclick.net securepubads.g.doubleclick.net
2	px.ads.linkedin.com	2 redirects
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	www.facebook.com	www.thestar.com
2	connect.facebook.net	n511.thestar.com connect.facebook.net
2	api.thestar.com	www.thestar.com
2	region1.analytics.google.com	www.googletagmanager.com
2	s.thestar.com	resources.thestar.com
2	api.btloader.com	btloader.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	fonts.googleapis.com	misc.thestar.com client
2	ad.doubleclick.net	www.thestar.com
2	ad-delivery.net	www.thestar.com
2	sb.scorecardresearch.com	www.thestar.com
2	torstar.blueconic.net	n511.thestar.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	ssbsync-global.smartadserver.com	1 redirects
1	crb.kargo.com
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	match.sharethrough.com	www.thestar.com
1	cm.adform.net	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	pixel.rubiconproject.com	www.thestar.com
1	ap.lijit.com	www.thestar.com
1	6565346e768da3ccab6a9010f3702569.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	alb.reddit.com	www.thestar.com
1	px4.ads.linkedin.com	www.thestar.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	analytics.twitter.com	www.thestar.com
1	t.co	www.thestar.com
1	www.redditstatic.com	www.thestar.com
1	snap.licdn.com	www.thestar.com
1	static.ads-twitter.com	www.thestar.com
1	pixel.thestar.com	connect.facebook.net
1	engagefront.theweathernetwork.com	www.thestar.com
1	p1.parsely.com	www.thestar.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	www.googletagservices.com	www.thestar.com
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	z.moatads.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	static.app.delivery	www.thestar.com
1	torstar.gscontxt.net	www.thestar.com
1	btloader.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
1	thestar.com	1 redirects
0	dmx.districtm.io Failed
426	115

This site contains links to these domains. Also see Links.

Domain
pubads.g.doubleclick.net
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2022-09-27` - `2023-10-19`	a year	crt.sh
*.the-ozone-project.com Amazon	`2022-11-22` - `2023-12-20`	a year	crt.sh
n511.thestar.com Amazon RSA 2048 M02	`2022-11-03` - `2023-12-02`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-01-11` - `2023-04-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-05` - `2023-08-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2022-03-17` - `2023-03-17`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
cdn.liftigniter.com R3	`2022-12-28` - `2023-03-28`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
widgets.media.sportradar.com R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.prmutv.co R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2022-11-16` - `2023-12-18`	a year	crt.sh
*.liftigniter.com R3	`2022-12-08` - `2023-03-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.ozpr.net Amazon	`2022-05-08` - `2023-06-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.kumulos.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-03` - `2023-06-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-07` - `2023-02-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
engagefront.theweathernetwork.com GTS CA 1D4	`2023-01-04` - `2023-04-04`	3 months	crt.sh
fn.sportradar.com R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
pixel.thestar.com Amazon	`2022-06-08` - `2023-07-07`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
img.sportradar.com R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.dev.kargo.com Amazon	`2022-03-01` - `2023-03-29`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: 9354429FE1F34FD04CFC51C9DC5F3C11
Requests: 334 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
Frame ID: 2FD1E59A5860190FE608B162C0277E41
Requests: 7 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=465280&publicationId=thestar.com
Frame ID: 61CAC82DCB6D077D2E90F5FD6BDCBAAB
Requests: 13 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 325EC352135AC620A262B21DBF486239
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=akrx8hmt2fdq
Frame ID: 5C42DFF749E9DEFE149F7617C957B07E
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
Frame ID: 399E9A6CB63F371F79D20EA9D73B0E45
Requests: 11 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: D4DFF5428B53AF33D5C284A4B00F114B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 11B214FCD6045CF1DBC972CBFDA18DA9
Requests: 1 HTTP requests in this frame

Frame: https://6565346e768da3ccab6a9010f3702569.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 24B653F23E882AD4BE11C802AC73D227
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=21dfbc9c-0b73-4b45-844d-c9a17661b707&publisherId=TKN100000001&siteId=4204204311&cb=1675009599308&bidder=ozone
Frame ID: DDE3C75A89356CC93F05CCB31CF19AC0
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 298D1D431AABA0DD9732501AA560AACE
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent=
Frame ID: 49A490EE72A2356B3048C9EC14ADEB4C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:553763d6-9e43-4a00-befb-7753d337e8c4&gdpr=0&gdpr_consent=
Frame ID: 177D5631589EB01A52F5F1CE5FB5A50E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8733455583751861714
Frame ID: 55A600ABD51C4A72337B3248AE8E7808
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A81CDC1A2FC7D8DE80105E676E2EF1D1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4
Frame ID: 201C3B1A02C008E23FEE75C9E98A514C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: C6E839DDA981F4253C796764AC951BC6
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 0F96A45B501A5DF46DB3580451D3CD1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE3F44424C1DC2B94E89DC2D5E223881
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE18776E6B101CB56DF4979B92A73908
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Toronto Star - Breaking News, Toronto News, Ontario News, Canada News

Page URL History Show full URLs

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

426
Requests

91 %
HTTPS

36 %
IPv6

73
Domains

115
Subdomains

94
IPs

10
Countries

6168 kB
Transfer

19174 kB
Size

111
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5985467267&iu=/58580620
Title: Sports Betting

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://news.google.com/swg/_/ui/v1/serviceiframe?_=465280&publicationId=thestar.com HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=465280&publicationId=thestar.com

Request Chain 98

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@3.1.1 HTTP 302
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

Request Chain 113

https://cm.everesttech.net/cm/dd?d_uuid=25248230310320063220652621130009062680 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9aePwAAAN1MawOJ

Request Chain 249

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

Request Chain 250

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

Request Chain 251

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

Request Chain 252

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2 HTTP 302
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

Request Chain 253

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 300

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543539 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543539

Request Chain 302

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543541 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543541

Request Chain 304

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543545 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543545

Request Chain 306

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543543 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543543

Request Chain 308

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543547 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543547

Request Chain 310

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543549 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543549

Request Chain 312

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543555 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543555

Request Chain 314

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543553 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543553

Request Chain 316

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543551 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543551

Request Chain 318

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543557 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543557

Request Chain 320

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543559 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543559

Request Chain 324

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 330

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1675009600821&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1675009600821%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1675009600821&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1675009600821&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQJRFBhpcGKwIgAAAYX-Wi80xoHKupWlmCE0jPQpO1P8jDztxoeiEMfmakfZ5TJ37Ezt_OA

Request Chain 378

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=e2198559-0755-448e-be75-75fa3b1b21d7

Request Chain 379

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3226327988804076983705

Request Chain 384

https://c1.adform.net/serving/cookie/match?party=14&cid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent=

Request Chain 385

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:553763d6-9e43-4a00-befb-7753d337e8c4&gdpr=0&gdpr_consent=

Request Chain 386

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8733455583751861714

Request Chain 388

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4

Request Chain 389

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 390

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Z9i-BvjrSiGZXC77pr86Bg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 391

https://pixel.onaudience.com/?partner=214&mapped=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f2652e944c7bbf1b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 392

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&addseg=19,36,42

Request Chain 393

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjdEOEJFMDYtRjhFQi00QTIxLTk5NUMtMkVGQkE2QkYzQTA2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 394

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB6SPa9EMcYB8q3iTFiBSIc&google_cver=1

Request Chain 396

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2363075568268335670

Request Chain 398

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=2363075568268335670

Request Chain 400

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y9aeRGf89YHZLS-NFiBmgwAA%261220

Request Chain 407

https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID&verify=true HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-wGWPyvVE2uFuX.ANlmQNrAhsi6leNT.5YY9482k-~A&gdpr=0

Request Chain 418

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=1be8ea3f-23c3-4ec0-a38b-efabbee28a8d

Request Chain 419

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3984613629620542077

Request Chain 420

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=090660a1-bd78-43b7-80e3-d61132f4d8a8

Request Chain 422

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=006fb40c-d02f-4a11-961b-e54d6646aa0a

Request Chain 424

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADlPU7HrT0AACIJvLUfWg

Request Chain 425

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=570631288278613345

426 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

624 KB
107 KB

21ms
21ms

Document
text/html

13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

8192de82e6ca67f29df000e5e05c84f9ac8a1844c1bf4dcee59d22eca90bd4b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://amp.thestar.com
age: 88
cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 16:25:09 GMT
etag: W/"9c07b-vLZKpxfD/6X4fls87skg1OzfmKA"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
vary: Accept-Encoding
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-id: lrkBBoNzuPd18P72ycXzBpJjYSPd5d8YazhRokQH9V9Wp65ARhFDEg==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

content-length: 0
date: Sun, 29 Jan 2023 16:26:37 GMT
location: https://www.thestar.com/?redirect=true
server: CloudFront
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-id: wlc-APoA1GFbbmljRdwn2Rj_yrZrXNBkNsXLK9Vzm5UrpFfoEmGXrg==
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 23ms
21ms Font
font/ttf 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:36:43 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 10194
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"6028-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: w8OpRV6GbheDxutCoga788QmLS08_rhn9GhkNZnii_q7MqkfjH7jvw==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 31ms
29ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:01:50 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8687
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"478c-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: zSC6KXBCj9CEQjj3kPRtQf0qbRXiWayAMBh7miP5JXjkbCqiobrGGg==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 37ms
35ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 12:51:01 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 12936
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4764-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: YS1QlpqvFKHSqhu7pv6XzNn8kiX0YiFRU-krPrtLEkW1ISCDMbLsPA==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 34ms
33ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:36:23 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 10214
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: Mecqc4L8swi8lIaSHFsFaKCcMwsY0jvU_yaHaWrnvBd8BM58mzPhLQ==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 38ms
36ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:27:28 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 7149
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4930-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: L7nlnhIPkg06Y3p0JVXUEnLf0GbvXF68fI_lb-naS3GVxqgsq0JFiQ==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 38ms
36ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:00:14 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 12383
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: kzhc6S28QocUNeunnDTdGojKSm5v5UY0midfxyNaGbMsdR4-MnpWVA==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 29ms
28ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:58:53 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1664
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d1a0-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 0C4qL4sV0gcwi-WiObkgL7PW0-ihY-e01Vush-DC4fIs_BavZmAfCg==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 26ms
25ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:14:36 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 4320
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: e7_BlOT5HnoXEFgX0FWUOI_ddDEnfbyacUd7gSGLjyJuqTK-GDHe9A==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 39ms
38ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:08:07 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8310
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d610-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: yC7qBRBy15jy5zD5cFmLuAXIXwvnoQ8-YeSIG7dqi2IbEquTmc6Eqg==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 35ms
33ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:43:17 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 9800
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d420-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: _gM5Njmb5OP-7aea25beGP-oBg6z98AOkokcm4RNuSS19fZ3bOyd8g==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
2 KB 54ms
9ms Script
application/javascript 2600:9000:20eb:8000:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8000:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:22:43 GMT
content-encoding: gzip
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 02:13:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 26113
etag: W/"47ec15276ab051ddd124dd65b61efb8f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: VlKzbTvd5kd0JnqajPnZ4RfyuQRlXOuWePg9xM5tAIdlTJHtaPv9Gw==

GET
H2 200 script.js Show response
n511.thestar.com/ 138 KB
41 KB 61ms
9ms Script
text/javascript 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

df146eff73a4a1f30553e20ee178c345d8c6bf1926cce23e64072b62ba30e742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
age: 368
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41792
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Jan 2023 16:20:23 GMT
server: -
etag: 9985fa3511b00cd0f8ef60ffb20eaeda
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: CLppATgvNYT_ZrJ4Y3mWWS-nPszvZIT7H1Zsk1YeIsEJpEudkiPlnQ==
expires: Sun, 29 Jan 2023 16:30:29 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 161 KB
50 KB 103ms
24ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1936d94a7cc2ffa181c260469cd7fd27c8b96fc9c255ef3e954b1ac445b7a26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50295
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 16:40:08 GMT

GET
H2 200 _1_hazel_mccallion_main.jpg
images.thestar.com/E10PAHI6h8W5AWViA8hruTdIHSM=/0x0:1157x771/114x76/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/News/Obituary/2023/01/29/hazel-mccallion-longtime-mississa... 1 KB
2 KB 62ms
8ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/E10PAHI6h8W5AWViA8hruTdIHSM=/0x0:1157x771/114x76/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/News/Obituary/2023/01/29/hazel-mccallion-longtime-mississauga-mayor-dies-at-age-101/_1_hazel_mccallion_main.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4b37891677b34e2ca262a83c112c76598b9b880adcb2ba71bba9e9f388ed42df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:38:39 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 10078
etag: "40561302ee71a590a517e6d9c4949880f09b8c40"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1390
x-amz-cf-id: lLTluc5-EV-XK6kcfVFcrH764y1Mf28z1AXurliOP_TSCsqJZ9Bgsw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 74.css
www.thestar.com/static/ 6 KB
3 KB 13ms
12ms Stylesheet
text/css 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:10:37 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 960
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"19a0-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: Dx4dPub48u8DuBsFvwYs2NY7UJ86bkVuT9iEd5X3OG6a-N1kUj8Hsg==

GET
H2 200 bundle.css
www.thestar.com/static/ 405 KB
62 KB 13ms
12ms Stylesheet
text/css 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

e641c65f0ccda870021634b66599d861117c4f93f03ef209736d8d5fa78462ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:58:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1678
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"655b3-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: 4oHIvOARWVqk3AqZzZ4PftvCxSBKv3cpjBzBSZr8nENyPmUqUs9AUA==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 432 KB
132 KB 109ms
76ms Script
application/javascript 2606:4700::6812:1af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd353d3cb4c4bc3fcc11e7f27efc692854c9393d6221271b3aef3385ad6293c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 2624
x-guploader-uploadid: ADPycdtkn0xI07ooNws7IsRBYbEp4qHb97Ac1APe2mPi-GmYyTDneKMPUNzaKwhjlEzWfTYAlvsnlWuV7Ns_XqXwA2UpVA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 14 Nov 2022 10:17:23 GMT
server: cloudflare
etag: W/"8f00ae526705181d9b929b25770b0584"
vary: Accept-Encoding
x-goog-generation: 1668421043825607
content-type: application/javascript
x-goog-hash: crc32c=wf3MGw==, md5=jwCuUmcFGB2bkpsldwsFhA==
cache-control: public, max-age=900
x-goog-stored-content-length: 139051
timing-allow-origin: *
cf-ray: 791354a36ccf9205-FRA
expires: Sun, 29 Jan 2023 16:41:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 248ms
158ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf79b9aa07bca3a96720a477c5ec0d5e579f61ce4ee7dd6b6e853145de4b964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27568
x-xss-protection: 0
server: sffe
etag: "1466 / 143 of 1000 / last-modified: 1674860937"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 29 Jan 2023 16:26:38 GMT

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
485 B 11ms
7ms Script
application/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:17:51 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 11326
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Fri, 20 Jan 2023 10:03:00 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"16-185cea1ac20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: IKkPfBiexdDJpagwV5iHf34mW3pcE1ZjhYoigUvV1BvGOkHjBPllaQ==

GET
H2 200 tag Show response
btloader.com/ 14 KB
7 KB 57ms
23ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99431bbe9c76016ad16ba292c1c2d2d1c382ceff0050bdedbee2cdde7ab6adfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Jan 2023 16:19:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 412
etag: W/"edfa6686a78f9ac11244f4d57cfccb9d"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0nhz4hj3eAsphnpNfbzBTTkxuYvlL%2BDSm2c4jYIIc82xbPRRuzPxoHBa%2FOSFdChMq9W0CCT8NuGdqf0MGJcchjtrjNKwNBzI21Qfmz8oY6zzN5rrwPTwHxI5%2FjKluXi9Mkm3QDE6vTNMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 791354a3a9aa699b-FRA

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 31ms
28ms Image
image/svg+xml 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:16:58 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 11380
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:03:00 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"1df3-185cea1ac20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: NL4sX2dkz7gALgdQntwwumMT5oiI4Ugy9KpSMcQed2-pdQoj6QdMsA==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 27ms
24ms Image
image/svg+xml 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 12:29:54 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 14204
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Fri, 20 Jan 2023 10:03:00 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"24d-185cea1ac20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: F5Bqb0HGjqFAY-8dHfZFj2CbquPvi5WXkjMpSEqY_PNHArvSes0_VQ==

GET
H2 200 _1_hazel_mccallion_main.jpg
images.thestar.com/UHZi54-amSd0eETBt_-nSQrEDGE=/0x0:1157x771/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/News/Obituary/2023/01/29/hazel-mccallion-longtime-mississ... 18 KB
19 KB 11ms
8ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/UHZi54-amSd0eETBt_-nSQrEDGE=/0x0:1157x771/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/News/Obituary/2023/01/29/hazel-mccallion-longtime-mississauga-mayor-dies-at-age-101/_1_hazel_mccallion_main.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9a19e53b3a53c4396e4e373f41cc55fe475e79689d2cc6eb46969ab6dee75644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:38:57 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 10060
etag: "05f551b662338f291d34f0a67b78a4ffc0c5c000"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 18698
x-amz-cf-id: XtghxucbJMkrMFIG4ZgIAIs3kpl11T6J3wmVL2LNRswWwzfHhvF1WQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
482 KB 12ms
9ms Script
application/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

dfe15d83d6f54bbde676e733f61e8c58abe5487d3ae2f7021bd01a19f7c2d97e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:58:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1678
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"1b07b1-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: fGKYVHWcrk2yE70QHO5jGsYWlKASQqS349TyVHljgqqS_ijJ-Zd8yQ==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
248 KB 12ms
9ms Script
application/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=3915f67b

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7b05ee7daaed99de5a81ba0c9ed1e49e36d42600e1385a886518a35a479709a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:58:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1678
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"13e6c2-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: BTiW0VDSj3pwzBpXGkq9fu0O55v6V-2Rbgpo0T0pWwYyVAL6nTwVfQ==

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 203 KB
63 KB 11ms
8ms Script
application/javascript 2600:9000:20eb:8000:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8000:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 04:40:19 GMT
content-encoding: gzip
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 18:26:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 42656
etag: W/"e08e5a6e68f37184e1c046d32d471d44"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: v2cZH2i20XYryG0318ClPMUu2bLQQ7lkViXxETGxP8uSmG2ezgL9Bg==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 6 KB
3 KB 11ms
9ms Script
application/javascript 2600:9000:20eb:8000:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8000:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 07:21:40 GMT
content-encoding: gzip
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 14:10:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 33789
etag: W/"c6e67d08c7c4a89b3155020045b68eb1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 8590UL68L0ZrgnnUuZ6FNj8_KeOM_ad3QzPwNAbh82O32xI5me6T7A==

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 369 B
447 B 142ms
13ms Script
application/javascript 193.123.32.111
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.123.32.111 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 2d4d3ba86e7a2b0345f22f04349bfc732ae32178f56458900186154777194139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 369
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 355 KB
77 KB 93ms
8ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dbf2f018be859838890bcc1fc0696c7ec7962b10169bdaf5ef9d91ea408f99d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:36 GMT
x-amz-version-id: bRkU58zxqB.B8DY6D1JB2YMA.01sls6U
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:32:31 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"fad43a398d3c06f6012455992faf0e91"
age: 3243
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: LRQN4owK-y0BiZTWstYNyKs8HfsNZ2yB4OFiiFYzkn5Br9GsuexJ0w==

GET
H2 200 main.js Show response
static.app.delivery/sdks/web/ 128 KB
32 KB 58ms
22ms Script
application/javascript 2606:4700:20::681a:990
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.app.delivery/sdks/web/main.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:990 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475
content-encoding: br
last-modified: Fri, 26 Nov 2021 12:00:54 GMT
server: cloudflare
etag: W/"61a0cc76-200b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oK6ccI9BydvyW7yjPEjUIrjK0utH9cvLmkEVjNYCqGk3hmsKrgTD%2BzCY0Zjsl%2FG76A%2BQ6W8qIBwjm65Dz7SqRUKk%2BIWMaRGI1yLjjV9NRHgrVpGkY5ly8S9KxNhTqN4hbMWeSFmiXk3iQIH04qMolFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 791354a3b99130d2-FRA
expires: Sun, 29 Jan 2023 17:18:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
86 KB 122ms
46ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db6f3a2dd6582d9c51b5d43a03680b4bdcd96ee61d03325c891078180579f7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87198
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 69ms
27ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9934585543739238
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 6dd3a02363544c6650eff6a4685496c0faf4f9a7ea00f09f8438bb66f3ca3066

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 29 Jan 2023 16:26:37 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
699 B 322ms
102ms Script
text/javascript 52.72.172.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json812

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.172.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-172-171.compute-1.amazonaws.com

Software

- /

Resource Hash

3feb83182ffe2bb417792664f490d013302bb17033f5f5eee6ff204cbb2bef0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track-1109323de58fbf93c34cede3640c090f.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 14ms
13ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-1109323de58fbf93c34cede3640c090f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9934585543739238
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e13dafc848e0598e8f2f95e0fb032539a0f3041fc0cff98ef90edd8326a41e96

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 29 Jan 2023 16:26:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 25 Jan 2023 12:10:55 GMT
server: gfra1
etag: "63d11c4f-e87"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3719

GET
H2 200 opa-74021bde9081c83799a0980273db90d9.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 110 KB
28 KB 10ms
9ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9934585543739238
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 24758dee06483ee86fb9d0a393ba368faa19154bdd8659c9de20794afa488f8a

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 29 Jan 2023 16:26:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 25 Jan 2023 12:10:38 GMT
server: gfra1
etag: "63d11c3e-6ff4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28660

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 96ms
94ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=D93846A5CFACCB03A8477788B5FBA10EF&h=30b5263f9ce8427d9f6b14c38c050a97&r=0.333715795034089

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:37 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 37ms
9ms Script
text/javascript 13.224.194.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-76.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 29 Jan 2023 15:47:31 GMT
Content-Encoding: gzip
Via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 2396
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: m2OTLKMS9lprkQtR6Q3fYtOs0YTDagtzfJRRnntMj5yYkrZDdqAt8Q==

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 20ms
20ms Stylesheet
text/css 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 16:37:53 GMT

GET
H3 200 vis_opt-1109323de58fbf93c34cede3640c090f.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 227 KB
64 KB 9ms
8ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-1109323de58fbf93c34cede3640c090f.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: da14a6daf057bccbe9c244b7c20a4c1347114fb87432cf44f7a7724f197e2887

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 29 Jan 2023 16:26:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 25 Jan 2023 12:10:55 GMT
server: gfra1
etag: "63d11c4f-10094"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65684

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 231ms
25ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 29 Jan 2023 16:26:38 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 197ms
22ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 31EA48740775C598
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37750
accept-ranges: bytes
content-length: 54912
x-amz-id-2: 8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 20ms
8ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 25 Jan 2023 12:10:38 GMT
server: gfra1
etag: "63d11c3e-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 24ms
24ms Image
image/svg+xml 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:13:06 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 812
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"2bf-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: XmGUJXjlJz0scduQrKEnltMi0U6BWO9Rea8L9cp0RTHjRSngMNjyUQ==

GET
H2 200 _1_yashy_murphy.jpg
images.thestar.com/CDPMLROrnQDHudxiSaALKuZhbDk=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/01/29/two-glasses-a-week-why-canadas-new-al... 23 KB
23 KB 10ms
9ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/CDPMLROrnQDHudxiSaALKuZhbDk=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/01/29/two-glasses-a-week-why-canadas-new-alcohol-guidelines-have-us-rethinking-our-relationship-with-risk/_1_yashy_murphy.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d5bd8cfa91c0acd4f28da136290630444fedee8fd16808bbe315d2f380744e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:37:20 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 10158
etag: "59dfe0fd8146b8751ea32a6e83de3069ea82a717"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 23444
x-amz-cf-id: Al9dIjczR979V2Ug4jwyd1pWXJEbVzqdLYC_CsTh5wfGWli0lHlnYg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hp-widget-2022.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/ Frame 2FD1 12 KB
4 KB 81ms
30ms Document
text/html 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13673140e8b594d1fd056e71176f4cc7c1959bd7a0d3ab3edcb63b4e3125072c

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 209
content-encoding: gzip
content-type: text/html
date: Sun, 29 Jan 2023 16:26:38 GMT
etag: W/"77bbb5873c681975f6a59fe5d593ca4d"
last-modified: Fri, 13 Jan 2023 17:52:43 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-id: jxqJdq2gGMRR2Gn0YNtcuCgnz_ReZ-SEsJPMCeGJgkgDCrzPWHOutA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: Ze9hsB9MUAuiRZYdqM9fR.DMvRjeAQSp
x-cache: Hit from cloudfront

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 57ms
8ms Script
application/javascript 143.204.215.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-108.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 00:58:05 GMT
content-encoding: gzip
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 55738
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: v8RN_v-pxkXweD6DjcApbCzhPbT3HQjt1MiEd0wp02170oWHF2-zTg==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
523 B 420ms
390ms Image
image/gif 13.225.84.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-171.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 29 Jan 2023 16:26:39 GMT
Via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: Vu0hDgtqxMi7KlhVzJ0Awg6OnEFPfWODyR5DmI10pITlJgwbEcWAlQ==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 42ms
8ms Script
application/javascript 13.224.194.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-170.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 28 Jan 2023 21:05:30 GMT
Via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Age: 69668
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: EwCYYkbCLUkM31zTjzt2qROi7wJ7ZzuoCxme3fYs5DbLpnC2ogQT8w==
Expires: Sun, 29 Jan 2023 21:05:30 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 158 KB
47 KB 105ms
27ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=465280
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: eeb0699c78d59c010277b0e15346b23ca8253cc9daccfc5be3cd22e7b068ba2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
x-amz-version-id: LckRkWNbGAnMM4fPWbwH3UMp93SHfXGQ
last-modified: Tue, 27 Sep 2022 01:29:26 GMT
server: AmazonS3
x-sp-metadata: HS256.CM7Y2p4GEokBCiQ1OWE3MzRlZi04NmY2LTQyMTctODQyMS04MzQ0MzA3OTZkY2YQuIjBu7Wc/AIaBgi+vNqeBiIOMTQ2LjcwLjExNy4xMDIoxIECMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ4N2I0ODg4OC03NzQ5LTQ4MWQtYjIyNS05ZWJmM2Y1NjUyY2YYqPACIhgIAhIUY2RzMjY3LmxvNC5od2Nkbi5uZXQ=.dhEwR03hINnXpXSi4L4KtdSOQuCrbVivd4iNJzhXYjY=
x-amz-request-id: FYXETHQYGTKQTFCF
etag: "5c0507320302161578b77871f0306c36"
x-hw: 1675009598.cds221.lo4.hn,1675009598.cds267.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
accept-ranges: bytes
content-length: 47144
x-amz-id-2: UyBfmKgJBxC/ox484mBQeU4WjukLQIRpDyHkJjdDLYx0U/H0F2liw/+Sua22BPX/RUXiJQ0LyyI=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 191 KB
46 KB 46ms
7ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0d19353c945d66184d063ccb4c33fa2e2014c35b8a7a8a56416e34531f90e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:00:45 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
last-modified: Wed, 25 Jan 2023 21:28:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 1554
x-amz-server-side-encryption: AES256
etag: W/"676ff20d9a1610954eca1e1b18855dbf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: XQ-J8SMGqkCSEjaFETKozvcFud0K1DcsAPjAWkz1y_V4uOAHzvNM1A==

GET
H2 200 star%20chevron_new.png
images.thestar.com/7kVMbBBcg_hRWiTIJRbF-7jQDck=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 11ms
10ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/7kVMbBBcg_hRWiTIJRbF-7jQDck=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/star%20chevron_new.png
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aab2191bf1f8ee672c1e6b7e69e61e522eaad87c21b62b026705890c3f4ab324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 02:57:04 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 653374
etag: "ac126458f87fb5bd90a7b5b8d78aaf8de2104304"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2568
x-amz-cf-id: a-d7l9wxVmkJjGzfdFW0-dHKwspLFJR8vl3a_GCbxYOVAgJS4hH0zA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Cohn_Martin_Regg_logo_2015.JPG
images.thestar.com/Lxby2C4VDsuLK-aoa64FTTGS2uE=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 12ms
11ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Lxby2C4VDsuLK-aoa64FTTGS2uE=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Cohn_Martin_Regg_logo_2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: da28bf2e84f3c665cdc032009284db31ef760cc2af92d663d74f698ed03aaf30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 00:30:11 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 1958187
etag: "643d3b3e69fe6dd50ee5caa5cdf452b7e36067f6"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1652
x-amz-cf-id: FxOOkyaeAOo8QxgBZe70pt4Q-u57zOyr0DbxxxwkRAxHvYsr3Gv8KA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gta_snow_generic.jpg
images.thestar.com/U8Z9ZG2tFGZqJtcrMH-_n_gv2PI=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/starweather/2023/01/29/toronto-to-see-up-to-another-five-centimet... 22 KB
22 KB 28ms
26ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/U8Z9ZG2tFGZqJtcrMH-_n_gv2PI=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/starweather/2023/01/29/toronto-to-see-up-to-another-five-centimetres-of-snow-sunday/gta_snow_generic.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0bf0e06297d2d27ddb9c387dda085217093e26a9bbb04683765ff628ba3c993b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:42:34 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 2644
etag: "4acc800c8cf4f6b27b2f415ac1643a346b9dc03b"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 22664
x-amz-cf-id: a4EFVAxWGbQC-kEj0n_YJrFCx5DyqK11kYFzpUYN9vl0fJPKoDw4RQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ci_danforth_assault28.jpg
images.thestar.com/v7ONj4Odu_v3zYfGQ5H6xTEQmjU=/0x0:724x483/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/01/28/police-searching-for-suspect-in-danfor... 53 KB
54 KB 12ms
11ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/v7ONj4Odu_v3zYfGQ5H6xTEQmjU=/0x0:724x483/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2023/01/28/police-searching-for-suspect-in-danforth-avenue-sidewalk-assault/ci_danforth_assault28.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7586d84068cca8c3df5780990787f036c72ea07dcfe6c50b133938122c8b6c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 16:21:54 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 86684
etag: "e7e17149c16451a584be8264fd1d05687dfa0d7e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 54420
x-amz-cf-id: FRTmqb3ykGoN5p1bNojVZqh_0Y-rVu5n2wxL9oLB-x6I0gK-bbsNdw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20230127100148-ff45cc37fcb795be0ee2bf0cc8276f8bf2f3e2732117ddbfd85368186a7f1880.jpg
images.thestar.com/ljB7vYtxSdXXjQ30IfuREpn278A=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/01/29/five-things-to-watch-for-in-the-canadian-business-... 98 KB
98 KB 13ms
12ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/ljB7vYtxSdXXjQ30IfuREpn278A=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/01/29/five-things-to-watch-for-in-the-canadian-business-world-in-the-coming-week/20230127100148-ff45cc37fcb795be0ee2bf0cc8276f8bf2f3e2732117ddbfd85368186a7f1880.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 86346fe615589c6005a71a42f4ad6b6b0366f3fd7c43ed5242849ad8cf06ae75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:12:54 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 4424
etag: "269fb2c17338dad02b57c34a14833cc924ba1743"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 99986
x-amz-cf-id: 7UHlTVkXx_HLOyxDN02RugtJc8OFFsGbrmrplKJbPD6C4ECIi1IzIA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20230125160132-b3aded6e8bc4f96864918f75c8cff6550d22ba58e1380109337572e77b576a7d.jpg
images.thestar.com/26EzUcTzfGlYHqL9mC883Q6FmCA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/01/29/alberta-landowners-fear-repeat-of-orphan-well-cris... 36 KB
37 KB 12ms
11ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/26EzUcTzfGlYHqL9mC883Q6FmCA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2023/01/29/alberta-landowners-fear-repeat-of-orphan-well-crisis-as-renewable-energy-booms/20230125160132-b3aded6e8bc4f96864918f75c8cff6550d22ba58e1380109337572e77b576a7d.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 619c8a1bc32e98b1b83b396ac6229cb9569c422c061fdd52af03120011f6d2b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:10:36 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 4562
etag: "36f894a36c5c16cc28bcc029191f1550b8590c45"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 36994
x-amz-cf-id: DEvG4rbUOdE20Ux3aCK7x--_YXDJ60kEJwJ1U0uAiIiU5PCbfaZZOg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20230129090148-f1fa2b2553093833a81f10cc75db4b16645601da1690fc22c33ca35ba05714e5.jpg
images.thestar.com/fGSy8GlV9mRPkn8S6Mck9ZGyMKA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/2023/01/29/majority-of-affordable-homes-approved-under-federa... 61 KB
61 KB 12ms
11ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/fGSy8GlV9mRPkn8S6Mck9ZGyMKA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/2023/01/29/majority-of-affordable-homes-approved-under-federal-program-not-yet-constructed/20230129090148-f1fa2b2553093833a81f10cc75db4b16645601da1690fc22c33ca35ba05714e5.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 622fa336b2a47e69815de4dad662a02f77c4b830189f187a8041d6618a6df9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:04:40 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 4918
etag: "d3478b536ca46fb47614159e73b95e0ba2e27f56"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 62390
x-amz-cf-id: JG1UygROQLuWEB8ZkJGZow6O3c2fIPoRJVlS3FSAE2RjxRO2AIXLFQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
947 B 44ms
14ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 549608
x-guploader-uploadid: ADPycduqhH9aYxDx3II-2FyG57717ncdLlXzgT2uvhdli4EafgcSUlRmhd4QmYhqRQi5dYqML35E61Vh6hCfxZCB0gKBFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HB9i3QaBZ8ouy3PdJiJlA7ZaCd8%2FpOw4phB3SwGzGfK1%2BM%2FrrXk%2Fi1bPuxPdRmnOFAt%2BwPGr%2FBBPg8M4nSmUhcDN8XOdDmJZeykM%2B%2FPCIkTffXlA84VZp00mbr%2FMcTknj4vdKnHDFiTfrOxY5g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 791354a488222bc1-FRA
expires: Mon, 23 Jan 2023 08:23:10 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 95ms
20ms Image
image/x-icon 142.250.180.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:32 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 27ms
17ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.9263360727531991
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 549608
x-guploader-uploadid: ADPycduqhH9aYxDx3II-2FyG57717ncdLlXzgT2uvhdli4EafgcSUlRmhd4QmYhqRQi5dYqML35E61Vh6hCfxZCB0gKBFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nBr3NeCMsQyUVVKkg%2B%2B5DTKCcpzP0hT%2FujYsVCuCZPqjwTSS0AeDbdHoZh6MGQ4IeZgrmsI2J8wF0eW8i8GOTRDNoGRZg0j7kYYFMmcyZ0im9cj8uAW05GX3vTSYwU0R5IDf%2BMeB2hbl50coA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 791354a488242bc1-FRA
expires: Mon, 23 Jan 2023 08:23:10 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 63ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=3915f67b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2ff0288afa8c8622993865ca857cd48628a3dfba7d5a260ce6be49b4603a1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27629
x-xss-protection: 0
server: sffe
etag: "1466 / 966 of 1000 / last-modified: 1674860850"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 29 Jan 2023 16:26:38 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
424 B 198ms
198ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"13-dtK7HFxXRJGTWdPpmheUxDbkx20"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 19
x-amz-cf-id: iyRwag9Y0IIkDdRieD_jdSpFY2C9VGkuTDxy58BbrzLP6ERmOoqXhw==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
424 B 215ms
215ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 19
x-amz-cf-id: VOXD7y7f2Hb7IUs4VmyPuhsKFIcDmESjsTuLIh-R9h21WD3NBkqXOA==

GET
H2 200 widgetloader Show response
widgets.media.sportradar.com/torontostar/ 317 KB
70 KB 1235ms
1130ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=3915f67b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9de0449a47376f5ebc870b7ff16353a96b80aaf573a7870e82ada3a620c217e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
etag: "313b920d20de25f8667a2109faa8b688-2e3c5fed8245011919ac44c399c8cecc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
content-length: 71227

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bba9449f664ef587b3f14043552b6e79a2a86547ffd0bf0047499b712f819b5

Request headers

Referer
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 21ms
20ms Other
image/svg+xml 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 16:31:11 GMT

GET
H3

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 61CA
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=465280&publicationId=thestar.com
https://news.google.com/swg/ui/v1/serviceiframe?_=465280&publicationId=thestar.com

16 KB
7 KB

158ms
157ms

Document
text/html

2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=465280&publicationId=thestar.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3dbf0e18e98991bd39435c652835613a2977a84e403ace49da1c504aef620fb4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kjml2WIBN2P6oU0cR2OVZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kjml2WIBN2P6oU0cR2OVZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Sun, 29 Jan 2023 16:26:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-sG4tEr0hAUze1Ocwo6qj-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: application/binary
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Sun, 29 Jan 2023 16:26:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=465280&publicationId=thestar.com
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
394 B 66ms
16ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e8f2683793c687efe38e55f2effd0e4e0440e3d0f694189a2035e8d16096cf4c

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
820 B 29ms
8ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 16:26:38 GMT
AN-X-Request-Uuid: 8f05e5c0-6434-4fcf-b710-b4d12b3ebaa7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.102; 146.70.117.102; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 254 B
364 B 67ms
16ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170

GET
H2 200 css2
fonts.googleapis.com/ Frame 2FD1 4 KB
1 KB 50ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14736ea197ebca8a0d176ead1e22d2b1cb277d5c37a0c2780cff25f24bd56800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:27:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 16:26:38 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame 2FD1 207 KB
69 KB 18ms
18ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
date: Sun, 29 Jan 2023 16:26:38 GMT
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 170
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7mO1HtDOG-CAQ-YnI8gpYtmo15Esz_M9zSv-CGIINXbT9o8_o0nZNw==

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/thestar.com/ 2 B
59 B 160ms
159ms Fetch
application/json 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/thestar.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
report-to: {"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 230ms
35ms XHR
application/json 34.251.149.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1675009598672

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.149.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-149-144.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f4cd963cd247f1256060c5335ba6467cc929ab96dc9dedfaa09790655942cec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v045-0a888e68a.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: +O20vXJmQ1I=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 324
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 11ms
11ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:45 GMT
x-amz-version-id: UK3unsjhygJKZZEBhjoF9hyJZJBeiHUu
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"dfdd9e1f988805f0c2fbb10cd6b8f034"
age: 3234
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: d669MZe_2e7Ni8L_AUE52jX4e6q6QYiI6huhdnWSVosl7Knyt7dhJQ==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 8ms
8ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:45 GMT
x-amz-version-id: 3PhIJRMj9Qsfs9sPWGkv4krVICikMyr5
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"b89fcb8870ac40eecb6d3cc844d35389"
age: 3234
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Srosg0QgX3l7mRaNF-xHsGgQ98z2Sj-v8sUoSysUcFDyaVb7zRb2RQ==

GET
BLOB 200
OK 89003727-9ae6-4d9f-86a4-384366abd425
https://www.thestar.com/ 193 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/89003727-9ae6-4d9f-86a4-384366abd425
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8df00eec032790021597a4e83a08c313dfa9f323b33cdbf459905386a3aad9a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 197465
Content-Type

GET
BLOB 200
OK 3fddc863-2815-4015-b75d-aa56fbd56651
https://www.thestar.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/3fddc863-2815-4015-b75d-aa56fbd56651
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd87dc511a1f132a0690fce2149a427e8075eaee076ca59a6efff3a9dd94329

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 20393
Content-Type

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 56ms
7ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Sun, 29 Jan 2023 06:58:20 GMT
content-encoding: gzip
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jun 2022 01:41:35 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 34586
etag: W/"62b5164f-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: Y5Ksl7amiDU4m2OL5RBHYWJE5ekhFZXcMyc3UslzhX6N6dvmmnILMw==
expires: Mon, 30 Jan 2023 06:50:12 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 9ms
8ms Image
text/plain 143.204.215.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1675009598694&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-108.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: LmY-xSiXhe34ZqqaRxIlsfLlMXjGwu-5FM7A6VAwkAMJTBeauq1bsw==
x-cache: Miss from cloudfront

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 143ms
118ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 144ms
119ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=VFK4IZ1r&w=5166328627855360&o=5071905434894336&cv=2.1.06-2-g014272c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sid=0wVJt1rVu&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 8ms
7ms XHR
text/plain 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:32:26 GMT
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 21252
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: bwNre8cfSs4LXEuTd_kkVk6OzgORr9KcIZon3Gg2_FC0F4IqjmTyLA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
date: Sun, 29 Jan 2023 04:19:57 GMT
x-amz-cf-pop: FRA2-C1
age: 43602
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: IaVoUIt7b7nticnQiRW1DdvhSq6GPXYeZlkZmRn2nMmTApegOPJU-w==

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 26 KB
26 KB 244ms
25ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9da67687384b598767b4260136a6f044347c6ca5d9cdfe40635c884dc0b80fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 29 Jan 2023 16:26:38 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 26227
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 49ms
32ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: bebcb1e36b7e16f157f65f773ab4ebd0e9fc44d404c74d9b6c87319c460d209f

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 11 KB
3 KB 280ms
248ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6ebf382cc3804cc14c8d3e19a7bb50245b0225e857c17dbe0d8f88968a9d881c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 7 KB
2 KB 232ms
203ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: e56f67449f25398288a2c25c6bdf734079397d830cfaf4abd9c0dc0640858ef0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 12 KB
4 KB 210ms
185ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 44e0aa797a6220d507ba3b4ab5f8143b52b287b8b69160874773509624b383cf

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 11 KB
3 KB 242ms
220ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: de45525cb5a95067bb65d8d292609c0ff4c0fd489cfe611a5df8ff14c9accd6e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 9 KB
3 KB 213ms
195ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: aa64c453ff31a5ec680473313259702899e85066ba55fc24fa037c70ae7b624e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 5 KB
2 KB 215ms
200ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: cfeb411c3054928730d8f38d48bee2c32f34700eafa49ca50b65ac35c9c2d198

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 12 KB
4 KB 254ms
244ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 779752718ebaf8ecc4695614b62fc15664cdfadb259edce25207230112042ae8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
175 B 148ms
133ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=pageview&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=1274&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=6&jsfv=nbc&ts=1675009598740&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 127 KB
22 KB 475ms
474ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/DG/DEFAULT/rest/rpc/811?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2023-01-29T16%3A26%3A38%2B00%3A00&ts=1675009598767

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

046395b32b0cb5a3d41914415d0c1e0ff914800e6d5a1ece93fadef930fc37fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 21341
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: lOaSogg6bbIJvCOJCFTnXm00yAoa3tjwXmJX02R1lbTxLdJnSOnaYQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pubads_impl_2023012601.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 21ms
19ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133524
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Jan 2024 10:14:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 203 B
136 B 94ms
52ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 0
expires: Sun, 29 Jan 2023 16:26:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 16:13:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 29 Jan 2023 18:13:15 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.1/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@3.1.1
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

7 KB
3 KB

24ms
24ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1621572
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GPEV5SKAW699AECB2HGXPR91-fra
server: cloudflare
etag: W/"1b24-GqgswdM7opiZOqFSwUlHVut+Xpk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 791354a96e952be0-FRA

Redirect headers

date: Sun, 29 Jan 2023 16:26:38 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GPEV9AKHHPRCSY1E2PTZN5GW-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1621457
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.1/dist/web-vitals.iife.js
cache-control: public, max-age=31536000
cf-ray: 791354a90db32be0-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 49ms
49ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

221ddd4c247e9d304cce1c2974d81b519c67b143eee339aeb1709b8f39b3809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 16:26:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 53ms
53ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7adfe627f5524ccdd01dd1124cd6f81732ff0d91d4ddec909add903f4e958006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 16:26:38 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 5 KB
2 KB 187ms
187ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 439bd14456df06b460ddf23588fd676fedc58e1e72d5666729aa476a7e078c45

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 covidtesting.csv Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/ Frame 2FD1 122 KB
49 KB 14ms
12ms XHR
text/csv 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/covidtesting.csv
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3107c21aecda61b2789afe2d26b300613439dcd2010602a8a8f52d9f2848cb58

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 9jHNI0u.TtYMMNVdCtUbWJRjrlfKSlQh
content-encoding: gzip
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
date: Sun, 29 Jan 2023 16:26:38 GMT
last-modified: Fri, 27 Jan 2023 01:50:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 202
etag: W/"da0f00af19641a399cfb9c6f74a5ea9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/csv
x-amz-meta-version-id: TsrB6wgky7EGUaCG77Rxd7RIs7_iZ43a
x-amz-cf-id: DpWRELblz4j6U3yZO3UM9sG_aWUvviPhLHBAIkxC8zeCZ-dQ8iUBcw==

GET
H2 200 region_hospital_icu_covid_data.csv Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/ Frame 2FD1 207 KB
48 KB 25ms
24ms XHR
text/csv 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/region_hospital_icu_covid_data.csv
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8bc9b938899ca09245e931f439dfbd97fd91ecf43d6ecba1e04921823b67f4c

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 3kQn3seMiN3pD0kZDxOLNvedjPfo.8PJ
content-encoding: gzip
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
date: Sun, 29 Jan 2023 16:26:38 GMT
last-modified: Fri, 27 Jan 2023 01:46:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 203
etag: W/"32cc8b791ca25d748164dfc0f58e2847"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/csv
x-amz-meta-version-id: eswSesLJsL.hlpb4vkpOLOmQw8gz6XBA
x-amz-cf-id: 3xNtw27-qgYdYUt7i6OzqCohsSIbjDqkmqdvOiib6GTQPkkfn48BMg==

GET
H2 200 vaccine_doses.csv Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/ Frame 2FD1 49 KB
22 KB 31ms
31ms XHR
text/csv 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/data/vaccine_doses.csv
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bb5f462f8702c0edddd60ae42e61816986dfb8adb63d9a7d43c19ca0f4c9454

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/new-web-dashboard-for-web/hp-widget-2022.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: .dLXdUCLWsuoSPjLMto550dgUEfuEeTR
content-encoding: gzip
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
date: Sun, 29 Jan 2023 16:26:38 GMT
last-modified: Fri, 27 Jan 2023 01:46:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 203
etag: W/"20574cc00af0f49bcdcfcc753ba949cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/csv
x-amz-meta-version-id: w2XVbId2hXxXkxN0CwjyWTpqnZoYIX7p
x-amz-cf-id: vmbCi-ARhnxZQHmCEbenGhnOsHcbPK8DbXURG-mrdDkUTyXj8llcFQ==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame 2FD1 37 KB
38 KB 43ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 21:44:51 GMT
x-content-type-options: nosniff
age: 153707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 21:44:51 GMT

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 61CA 0
27 B 152ms
151ms Other
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-hj-rwJPKJ-FgCKdZIZwubg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=465280&publicationId=thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-hj-rwJPKJ-FgCKdZIZwubg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.eixjbSRBsjg.L.B1.O/am=GgMABA/d=1/ed=1/rs=ABXTjI5Nm9ITRRFjaW096In_q3LjIgIHEw/ Frame 61CA 521 B
968 B 44ms
8ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.eixjbSRBsjg.L.B1.O/am=GgMABA/d=1/ed=1/rs=ABXTjI5Nm9ITRRFjaW096In_q3LjIgIHEw/m=serviceiframeview,_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=465280&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 20:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 05:52:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 20:40:03 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI... Frame 61CA 194 KB
69 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7VMXBCMaLqAMHRmQVFUgIPvqzBFQ/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=465280&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61cc7f269591699413dd4c33cadc4463963526ab2da3495a631252aef832218a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69977
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 03:55:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 17:28:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=9532874&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=546168110&gjid=737353752&cid=1504040696.1675009599&tid=UA-70431129-1&_gid=1007964397.1675009599&_r=1&_slc=1&gtm=2wg1p0P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&z=347982639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=9532874&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=839283647&gjid=1085368210&cid=1504040696.1675009599&tid=UA-73335503-3&_gid=1007964397.1675009599&_r=1&_slc=1&gtm=2wg1p0P86MZHL&z=1946009027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame 325E 7 KB
3 KB 201ms
33ms Document
text/html 52.213.249.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.249.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-249-147.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aMJrIynPS3g=
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
vary: accept-encoding

GET
H2 200 id Show response
s.thestar.com/ 48 B
458 B 86ms
17ms XHR
application/x-javascript 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=25234190571039694640649527826468042514&ts=1675009598958

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a94ceaa2b28c5abd18ba9f63e5f92b91daef54a2beb2c118a2945eaac84cae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.thestar.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y9aePwAAAN1MawOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=25248230310320063220652621130009062680
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9aePwAAAN1MawOJ

42 B
942 B

35ms
35ms

Image
image/gif

34.251.149.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9aePwAAAN1MawOJ

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

34.251.149.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-149-144.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-08c859e6d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: SEh0Oa2OQbw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9aePwAAAN1MawOJ
Date: Sun, 29 Jan 2023 16:26:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 175 B
385 B 305ms
213ms XHR
application/json 54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2369e6bc5f7f968d67ee006cc9e3f82d89bb723aa2a296f2a1683a1dad22485c

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:39 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 48ms
17ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-70431129-1&cid=1504040696.1675009599&jid=546168110&gjid=737353752&_gid=1007964397.1675009599&_u=YEBAAAAAAAAAAC~&z=1444388282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 16:26:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=2oe1p0&_p=9532874&_gaz=1&cid=1504040696.1675009599&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675009599&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&en=page_view&_fv=1&_ss=1&ep.Asset_Alias=&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
17ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=1504040696.1675009599&gtm=2oe1p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 81ms
43ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=1504040696.1675009599&gtm=2oe1p0&aip=1&z=930563621

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=2oe1p0&_p=9532874&_gaz=1&cid=1504040696.1675009599&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675009599&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 18ms
17ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=1504040696.1675009599&gtm=2oe1p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 58ms
44ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=1504040696.1675009599&gtm=2oe1p0&aip=1&z=819570748

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 11 KB
2 KB 193ms
193ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f5252aabc5f59d8aa24a90587d16ea2d8f64d0b23e9f95d81fdf62c39f2066f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2a23-JxZL3LG49mRvYkpQzVSfgmNej1U"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: 5BPZHK0GQZhNwiBXFuAxGrwhPMU2andA9b2CV6IYT-DDqER2CZj69Q==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
2 KB 200ms
200ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ff48e0d745570b8ce2b130033596ab4059b9efe5c136a5a8d496711b9c121635

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1b9b-axBDoP1b0J/fYB3Pz+mF5m9Jtvc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: eTicHw56fTanTwJrpaS4KBhLuHPHVK7qDegcoHN-vgHjD-7dyrwBjg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 192ms
191ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f03610252c91147e992c1764bb99999010107b8662d93b50c846b9415deb4f9e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"101d-LFXPLOQ1XZYKIlpz4Gjyf8UprA4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: MrmXQ70ASUW7wF13kMtGUv_uRSPcyYvvlkY-zChJsS40LLCHfBOn4A==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 6 KB
2 KB 201ms
199ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6f12ca023ebb1ac1aae921f6ae3303c4a76e90c71e08c6095c63bb7f6fa7c2d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"16c9-RzBvIH50ELeYwjZr2UamGNl0eAE"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: BZ3b5zLOiGpJgBeF4ourKabIjnv7c4xIu3VJorQLU4yzXWor-vnJeQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
2 KB 193ms
192ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

70c2b0b6263c4f0821b7e205720f9a227700149cfab9575086638e0e2f1443f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1c9f-HpJWamAiWd5i5vBeMxNFqrxK+v8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: 5Ii8O57bAcd8JhLbtg6w1YwFN7gLpXhczv-FI7j7FCr20Uc4frASDw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 190ms
189ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

1200dac1322c6c3eb6a80d630092bc3d275068d87aec3b9de8fcd488479e663d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"10d6-IjZ2yNlaownFKNY3ErBPuG0YO5g"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: E_l6eeiqQ6pydQ6ytwbcobknixI4Xy3eoZfR9hfRhkiXA7NSpGJDIw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 10 KB
2 KB 201ms
201ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

35f9096798f083ffa7cab51198e409ca720d9c53aea349db54b89ec71377734f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2623-nutNKeLpOmWoXmifrubooUM+JKw"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: nED5DtIK_I4Sd_CMiHUHa48muj1D_J7LEBFeJMXtB5XCn7mEWzFy8A==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
2 KB 193ms
191ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ae84dc0bafe3664707af7f3dd101308256462af1e3b84e56812f4f77fb732d37

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2381-XtdWeaugkwp+K+BpkNyx3imBfXk"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: HHyrSezPRN7oebEqhnVp95eeXbLmG8d0yMBLyOm9Q00W1R4jkKpdMg==

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 26ms
25ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 29 Jan 2023 16:26:39 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 70ms
24ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 29 Jan 2023 16:26:39 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 119 B
606 B 396ms
350ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2ff7ecd210868ebc3f4dff40435839bad1872588249677c36dcd29679d85278a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 29 Jan 2023 16:26:39 GMT
ETag: W/"77-ng9+5Zd3n2lk16O7389Z7V9wiHg"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 119
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,zG9H6c,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.eixjbSRBsjg.L.B1... Frame 61CA 124 KB
42 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.eixjbSRBsjg.L.B1.O/am=GgMABA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5scDBxY6fjfx5ITwHHfKzwmJZhew/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,zG9H6c,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7VMXBCMaLqAMHRmQVFUgIPvqzBFQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

763940c42b97c63ccb5c0537247c663ef7636c877409e10b01dfcc719a4b33b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42973
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 05:52:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 17:46:07 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.eixjbSRBsjg.L.B1... Frame 61CA 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.eixjbSRBsjg.L.B1.O/am=GgMABA/d=1/exm=COQbmf,DfBslb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5scDBxY6fjfx5ITwHHfKzwmJZhew/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3677737a35152b4917761238247b460edae31384b922fb3094840183b92418fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 19:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7299
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 05:52:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 19:03:28 GMT

GET
H2 200 config Show response
push.kumulos.com/v1/web/ 2 KB
1 KB 51ms
50ms Fetch
application/json 2a03:b0c0:3:d0::be2:3001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/web/config

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::be2:3001 Colmar, France, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

81213e09ec09abe060a47d101767ef8f2d2cce6f1212b237541cba0445bf730c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubdomains;
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-max-age: 36000
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

POST
H2 204 events
events.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/ 0
0 65ms
65ms Fetch 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
strict-transport-security: max-age=15552000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 config
push.kumulos.com/v1/web/ Frame 0
0 169ms
42ms Preflight
text/html 2a03:b0c0:3:d0::be2:3001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/web/config

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::be2:3001 Colmar, France, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: GET,HEAD
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:39 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 204 events
events.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/ 0
0 58ms
58ms Fetch 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
strict-transport-security: max-age=15552000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/ Frame 0
0 180ms
51ms Preflight
text/html 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:39 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/ Frame 0
0 179ms
50ms Preflight
text/html 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:39 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.eixjbSRBsjg.L.B1... Frame 61CA 1 KB
739 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.WeHfa369310.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.eixjbSRBsjg.L.B1.O/am=GgMABA/d=1/exm=COQbmf,DfBslb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5scDBxY6fjfx5ITwHHfKzwmJZhew/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0c3bb0a14aa577cdc61cf073ac09b2b19db7e46601c89a6b52583a2d11129a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 05:52:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 17:46:10 GMT

POST
H2 200 log Show response
play.google.com/ Frame 61CA 131 B
579 B 128ms
54ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 16:26:39 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 61CA 158 B
189 B 161ms
161ms XHR
application/json 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-6805779002396913780&bl=boq_subscribewithgoogleclientserver_20230125.07_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=59200&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62349b28ba3565da618f1e34b9e72190c45bacd9b5727ae7f346e824f07f31ef

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 90274f33e3f8f85d026eabf0aced12f2 Show response
n511.thestar.com/plugin/plugin/ 199 KB
44 KB 8ms
8ms Script
text/javascript 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugin/plugin/90274f33e3f8f85d026eabf0aced12f2

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

7fb7b844173d86b8a4cc54bb68f9e676d426f59b9b011649b492856bdcb4dc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
age: 525183
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44584
x-xss-protection: 1; mode=block
last-modified: Sun, 22 Jan 2023 14:33:36 GMT
server: -
etag: 90274f33e3f8f85d026eabf0aced12f2
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: kY1ugyKG6Z8l0Z1PZf1rFuibCrHV31SrPcjVU1dIGw4D-wrnJ9ljPg==
expires: Tue, 23 Jan 2024 14:33:36 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 190ms
189ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

86ea610da0ec4a37ea526f214047d44ce29fa62554095afac064dc2ac114b616

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"ee2-wRBGQNPJUAxfcqYrNsVCCCcI3r0"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3810
x-amz-cf-id: pwNeLDLWM60uX5pnsr8YBuyXBbaSbaX3k67KrTsPQKCElgZ7dpHZBg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 10 KB
10 KB 191ms
191ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

eff9d4dfcbd28e0746a788a69d9fd8683605a52c1146e672ba57ad201cfa0978

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2744-QGcGolR/RuymTRbirfX6l0XSDhk"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 10052
x-amz-cf-id: 434LS5s6F5M5kRYUA2-OX90SRf0485-1mFxhnFss9xn-bS88qGeMLw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 189ms
188ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f9e8a27cec7e4c23b4019a9e6e2bebcfb51da4accac10a103487663e873c86c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"f9b-EEd/idoxUppqdBO4bMYExTx9Mg8"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3995
x-amz-cf-id: NQ93Q37Csr-BYFtzuAT5N552c41QeHQN6ayp7ipZBG8iB-do0_8Z9g==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
7 KB 189ms
188ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5a8e24ac12207af6be646aeb3a531266cbcba365b429dc987517c5f99ea89efb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1a93-3gzVIP8OISAv2RqDiOYScFkhpxw"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 6803
x-amz-cf-id: 2WvP6snT2lPn0MRXLz4fDXw7IslFHySyaWTAWBUJBrFnqaWLisjm9g==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 6 KB
7 KB 191ms
189ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d2ffd6e089be0996c9d705ca792a39289e4d675d8eff210de39839e8dcbd583b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"198f-kjXpETjZp8I6u192KUMtOxi2ioY"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 6543
x-amz-cf-id: GEMBsI23vy7Se638MpuQ8ejrV_7ChweSumBrH6xnQtbWh5w4bXy3iQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
9 KB 189ms
189ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

8de483808b3b048479835f0d1a5043b3ca2480bc56758c5651e011b1bc2cd7a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"210b-tBaFRQNOE0r2WakeDRqajLG8TJs"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 8459
x-amz-cf-id: 03iQ290g180HfrAihpTmsgS9HBPFacT66cCGM9n0B1FBAT_yLA6CYA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
6 KB 190ms
189ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7245a2a316c20737b16ca50cf682297cd0e89c532afe3918fe0e821d0e4ecbdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1525-m0hhZ3y8GZVV+gsQXl/2VUR9EAk"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 5413
x-amz-cf-id: fO89XbRgVeyIKrEjAh4_2OAE_5mRUsNqKnP3oNhn5Fs7NDKjOLBzoA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
9 KB 190ms
190ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9714e3837862d23f252a77c73ccb99242781d098be29e23888a6e355da80925d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2345-kKQLbk89kcrnklulbIoaH5m7LII"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 9029
x-amz-cf-id: F9b6yuFmzzhi13-bO2vJpdr6q7kGChlXwaJCDx4yM3q2BE2CAXX1IA==

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 9ms
8ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:21:46 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 293
x-powered-by: Express
etag: W/"2c58-On6xrYp0/du6eGARnnYHeUEyBMw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: 06uuf-nNPXbV8gjIz7l4SVd6foMYglDS2_CGej_AreRIQmgs20KO9g==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 151ms
30ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1675009599282&plid=65708543&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%22%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10372%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1675009598839&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Sun+Jan+29+2023+16%3A26%3A39+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=54182543&u=pid%3Dc3e31843d238250ac371cccf4608bdd3
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 29 Jan 2023 16:26:39 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 29-Jan-2023 16:26:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 mdc.textfield.min.js Show response
n511.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 7ms
7ms Script
text/javascript 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 17:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
age: 2328998
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Sun, 01 Jan 2023 17:30:01 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: oc2Oyr93io76D8Cril1NDSixi54daQIv0q7DgANO1oSGn9OgJGwUwQ==
expires: Tue, 02 Jan 2024 17:30:01 GMT

GET
H2 200 user_agent.min.js Show response
n511.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/ 5 KB
2 KB 9ms
8ms Script
text/javascript 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/user_agent.min.js

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 23:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
age: 11640108
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1274
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 23:04:51 GMT
server: -
etag: 333f52c72fdc4072c6c7950dab8f54f4
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: Yb1B0x4AZwGg3JwEMQYljijEtX29zkX9vW71YhxhGlv8rpOF4CGAdw==
expires: Sat, 16 Sep 2023 23:04:51 GMT

GET
H2 200 8552f9c6b53c11a4f009a16ae75a9712 Show response
n511.thestar.com/plugin/library/ 290 KB
92 KB 8ms
8ms Script
text/javascript 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugin/library/8552f9c6b53c11a4f009a16ae75a9712

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

609bf78678197937d024c8c1cda3d194f611f9b8a86f4950b88574436218eec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
age: 525183
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 93463
x-xss-protection: 1; mode=block
last-modified: Sun, 22 Jan 2023 14:33:36 GMT
server: -
etag: 8552f9c6b53c11a4f009a16ae75a9712
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: EOy-yL0dtE69G8ECjLrQ23Zn41gYXJkl0C2DHMPnFJdnduiIcjhVUw==
expires: Tue, 23 Jan 2024 14:33:36 GMT

POST
H2 200 LB-Zone-2 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/811/ 3 KB
2 KB 376ms
376ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/DG/DEFAULT/rest/rpc/811/LB-Zone-2?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=9fb94a7a-7202-4cd7-9231-3315a16989c8&overruleReferrer=&time=2023-01-29T16%3A26%3A39%2B00%3A00&ts=1675009599295

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

988695c66c29313e972cc6be1770cd7283b05d09e93e5d2feab94ddaac7652c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1123
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: jjoeUF7TdOXIDUBrZtx_DPj9oxmJ7A838ayrDP1V3ZqYGH4HcWK4QQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 25234190571039694640649527826468042514 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
416 B 313ms
313ms XHR
application/json 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/25234190571039694640649527826468042514
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-87.fra2.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-trace-id: Root=1-63d69e3f-5a54ccc862a0fcb97a37162f;Sampled=0
x-amzn-requestid: 7f69c85f-05e3-47d4-886d-c1aa44eec2c6
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: fg2qAHXSoAMF-ew=
content-length: 51
x-amz-cf-id: eWYJszXo7pWXwrAmYdlaBtH6U6-PisYRq4YD88HAkR4_MQhVIZsdrQ==

OPTIONS
H2 200 25234190571039694640649527826468042514
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 366ms
281ms Preflight
application/json 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/25234190571039694640649527826468042514
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-87.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-apigw-id: fg2p-GqvIAMF64A=
x-amz-cf-id: bNxIgmxMdq6PE9JkU-wPpRnO8sp7x5m2cmChp74SQ1odNUPaxItVfQ==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 244890c3-be43-4886-815b-f7d60a3a4e72
x-cache: Miss from cloudfront

GET
H2 200 channels Show response
push.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/ 43 KB
4 KB 75ms
74ms Fetch
application/json 2a03:b0c0:3:d0::be2:3001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/channels

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::be2:3001 Colmar, France, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fb5e1510ab30a2e1cb2f4d21c1e8f6d4036a9ccdcd885c03492f6cdadb4da71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubdomains;
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-max-age: 36000
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 channels
push.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/ Frame 0
0 46ms
46ms Preflight
text/html 2a03:b0c0:3:d0::be2:3001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/app-installs/fb407e08-f0f7-415d-b6de-ee7c62969480/channels

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::be2:3001 Colmar, France, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: GET,HEAD
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:39 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 log Show response
play.google.com/ Frame 61CA 131 B
274 B 55ms
54ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 16:26:39 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 93ms
51ms Preflight
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:39 GMT
expires: Sun, 29 Jan 2023 16:26:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 61CA 131 B
273 B 53ms
53ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 16:26:39 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 125ms
86ms Preflight
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:39 GMT
expires: Sun, 29 Jan 2023 16:26:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 61CA 131 B
274 B 55ms
55ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 16:26:39 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 91ms
51ms Preflight
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:39 GMT
expires: Sun, 29 Jan 2023 16:26:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 61CA 131 B
274 B 55ms
54ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 16:26:39 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 124ms
85ms Preflight
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:39 GMT
expires: Sun, 29 Jan 2023 16:26:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
922 B 101ms
101ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

691ef9c5635ca38ea8916dc5d18769cd708569937ef7048654efaa6cab7d75e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"6b5-EOmpH7SHpMG5lb09j2jJRF7x7Oc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: tqSkqBuRfae7R70s8Ba-80aTbwxgSwV9DOFhVuaMDBlOml5qa1dwIg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 100ms
99ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

173ad626273623a1abcbd89e25b28745b695e59be394fba1ffe03d4b565e71d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"6ba-PGquEWv6WN7te/zBgOVEnZSsVJ4"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1722
x-amz-cf-id: QajYm3g1BKA11P4lA521NOckrSYvAc12s6u99VLOlTRN2B4xXjqc3g==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 100ms
100ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d3bbc29297cfd0318f7fe8a0c553a34dcce7a21ae13a01fbd44f6392887f8bea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"6bf-Y6ix1HBw5EpqTuYE2tXfY7GtZLs"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1727
x-amz-cf-id: wmq9jtX0f_NvgFfq8heOzGoiVxwoLUxgk5-Q5pUquym3CX6ZgQIhoA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 190ms
190ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

76ce36e0baa7eebd6238bb9e947d276db680757e40b45efe9aa85e495f4c42b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"6dd-EsPW9NQzpZjEaVxnjBzMUo2rOWc"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1757
x-amz-cf-id: _Yf-BFimIfEwAfSLRbMXyfPh7Ty4mUr34xBL8cNt63IDOG-dORUrJA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
404 B 99ms
99ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: ja1YVPr-lV1h8Y8ve5BwggCRIGaxYqVUazS2zBXEifIST_leFTFEWA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
5 KB 100ms
99ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3db03dc1b5de3a02e43013198d79554b1c8cfd7cad6dafcba2378ff91192ee65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"10eb-wGlIxjtWoPnZgXENe95QQCss2nA"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 4331
x-amz-cf-id: 6ZNbZswCoD8zZFvM-qvSnFmYlT5y7VF9EMM5Vc7us0_4Zl6Ud8D6zg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 192ms
192ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4e201b3ab3cb12811e6a4d7a91addd881ef2f01785d89eaffc2eb2372f4b2c59

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"d82-ThVf19g0rkYov9nLHCgLpkigWg4"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3458
x-amz-cf-id: KyEHkrDSw5bY2_0uxLLLdRMyokZihV5_2-GplPfnXtaVdhy94r5FXw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
3 KB 101ms
100ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ac783dcf7fe3c52c54a6a8b06738cebfe5c051589c7a9690293174a99b427f3b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"9dd-+1IiD1yrcZ+asOdfs9H9La+OCDw"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2525
x-amz-cf-id: nRwXswq8UGIwzBfRP1TH9u0BZL3JtbdFxCd1qncRW76XIgyQ3tuh5A==

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
94 B 174ms
173ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2095&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=34&jsfv=nbc&ts=1675009599561&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=2094&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F01%2F28%2Fmy-wife-doesnt-regret-her-long-ago-hookups-and-i-cant-get-past-them-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2F2023%2F01%2F27%2Fjay-leno-breaks-bones-in-motorcycle-wreck-months-after-fire.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F01%2F27%2Fi-still-wear-a-mask-why-did-that-attract-a-strangers-scorn-ask-lisi.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
94 B 160ms
160ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2107&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=40&jsfv=nbc&ts=1675009599572&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=2105&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fstage%2Freview%2F2023%2F01%2F28%2Fthe-work-that-went-into-fall-on-your-knees-is-inspiring-and-humbling.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fcasino%2F2023%2F01%2F27%2Fbest-actress-odds-for-the-academy-awards-cate-blanchett-favoured-at-oscars.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2023%2F01%2F26%2Fjulia-foxs-absolute-dump-of-an-apartment-is-a-balm-for-my-soul.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 20230125140148-99833640d81a89c3ee434e9bfc5d82debb1cc11c71eb2fc703a185c8045ef99a.jpg
images.thestar.com/-368xRezBndb2NLGTpfKieCortY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/01/25/nova-scotia-liberal-angela-simmonds-resigns-les... 64 KB
64 KB 11ms
11ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/-368xRezBndb2NLGTpfKieCortY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/01/25/nova-scotia-liberal-angela-simmonds-resigns-less-than-two-years-after-being-elected/20230125140148-99833640d81a89c3ee434e9bfc5d82debb1cc11c71eb2fc703a185c8045ef99a.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2af4afbd842993985249d8ecb39222366e835c47e59237c72e3b570448736266

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:03:43 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 332576
etag: "aef4ca1bd43f4bbf597217962d4693020a8d116d"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 65156
x-amz-cf-id: MkXoKHFEm4jAafyVzkfZvUm-a2-gnQGiBMe0xOZ1T5tJmTo5CRjhpw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
49 B 156ms
155ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2129&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=44&jsfv=nbc&ts=1675009599595&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=2128&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F01%2F25%2Fnova-scotia-liberal-angela-simmonds-resigns-less-than-two-years-after-being-elected.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F01%2F27%2Fheres-where-alberta-government-emails-go-and-why-it-matters-for-danielle-smith.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F01%2F28%2Fman-and-woman-killed-in-single-vehicle-crash-in-northeastern-new-brunswick.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F01%2F28%2Fvinyl-fans-eager-for-first-pick-at-98-year-old-newfoundland-radio-stations-sale.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F01%2F28%2Fa-quebec-snowmobiler-dies-after-possible-collision-with-moose-authorities-say.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F01%2F27%2Fbc-boy-handcuffed-mother-says-childrens-hospital-should-have-been-safe-space.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F01%2F27%2Fits-danielle-smith-vs-the-cbc-who-has-the-most-to-lose.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
49 B 129ms
129ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2142&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=47&jsfv=nbc&ts=1675009599608&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=2141&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F01%2F28%2Ftrump-says-beating-of-nichols-never-should-have-happened.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2023%2F01%2F28%2Fin-67-minutes-of-video-brutality-followed-by-nonchalance.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F01%2F28%2Fmemphis-police-video-leaves-many-unanswered-questions.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F01%2F29%2Fconcerns-over-prayer-breakfast-lead-congress-to-take-it-over.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2F2023%2F01%2F29%2Frussians-gone-from-ukraine-village-fear-and-hardship-remain.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2023%2F01%2F29%2Fprotesters-cop-city-activists-killing-doesnt-make-sense.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
49 B 142ms
142ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2155&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=51&jsfv=nbc&ts=1675009599621&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=2154&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2023%2F01%2F28%2Fmy-wife-doesnt-regret-her-long-ago-hookups-and-i-cant-get-past-them-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fstar-columnists%2F2023%2F01%2F28%2Fviolence-on-the-ttc-has-been-horrifying-heres-what-i-found-really-alarming-when-i-rode-this-week.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2Fopinion%2F2023%2F01%2F28%2Fblue-jays-teenager-enmanuel-bonilla-is-a-cant-miss-prospect-now-that-he-has-a-cant-miss-bonus.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2023%2F01%2F25%2Fnova-scotia-liberal-angela-simmonds-resigns-less-than-two-years-after-being-elected.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F01%2F28%2Fjustin-trudeaus-mps-are-more-nervous-than-ever-about-the-liberal-party.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fstage%2Freview%2F2023%2F01%2F28%2Fthe-work-that-went-into-fall-on-your-knees-is-inspiring-and-humbling.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rl_ellie_08.jpg
images.thestar.com/tlwiGVWV2ibPfLWR8M5p9HGpXHg=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/01/28/my-wife-doesnt-regret-her-long-ag... 3 KB
4 KB 13ms
9ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/tlwiGVWV2ibPfLWR8M5p9HGpXHg=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2023/01/28/my-wife-doesnt-regret-her-long-ago-hookups-and-i-cant-get-past-them-ask-ellie/rl_ellie_08.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f0b6d13319ad700a72fc81f86371142db39e075b09bc912e2b44139b56cdc032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 11:39:00 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 103659
etag: "8cf76f56e0202ccceefd79abfe9f191f8f66771a"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 3472
x-amz-cf-id: sJxlektQRrf7TUT41RD-pSXTpXK1cyHsac5qu9rMgo17xgnPxvLy2Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ttc_police.jpg
images.thestar.com/KbB2q6ig9urHtT2PFNel1Z7pejw=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/star-columnists/2023/01/28/violence-on-the-ttc-ha... 3 KB
3 KB 12ms
9ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/KbB2q6ig9urHtT2PFNel1Z7pejw=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/star-columnists/2023/01/28/violence-on-the-ttc-has-been-horrifying-heres-what-i-found-really-alarming-when-i-rode-this-week/ttc_police.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 93ae84e9bf02467f0e7375d082069d146d3d125ed62a02b37097341355c33647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:17:18 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 72561
etag: "94d496afd36c40a47e71aae183b85a7121ad4626"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 3034
x-amz-cf-id: FyBSeoyDgM0IhURBHBk9uy0hn0vbMq6bZ6mhhJXZhyIYd-njJr-BzA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bonilla.jpg
images.thestar.com/0oo0DwF9QsxNpx-8Hm2w6MaILio=/0x0:613x409/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/bluejays/opinion/2023/01/28/blue-jays-teenager-enma... 2 KB
3 KB 25ms
22ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/0oo0DwF9QsxNpx-8Hm2w6MaILio=/0x0:613x409/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/bluejays/opinion/2023/01/28/blue-jays-teenager-enmanuel-bonilla-is-a-cant-miss-prospect-now-that-he-has-a-cant-miss-bonus/bonilla.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 82d8b2f27fbb20378827a1c7dc7b09910e5d4e4bdd50ece74a587bbb60e7fdd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 12:41:54 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 13485
etag: "73bf49748d2ca3b49f67fc803bbb0c68523452f0"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2212
x-amz-cf-id: t_L_sudNIYzf9dMm412fWCFSERFJw23LI2ltS3loigQ9bRTQLN7pcw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20230125140148-99833640d81a89c3ee434e9bfc5d82debb1cc11c71eb2fc703a185c8045ef99a.jpg
images.thestar.com/g95QOPAkDC8xbLrs48daF94gTv0=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/01/25/nova-scotia-liberal-angela-simmonds-resigns-les... 33 KB
33 KB 13ms
10ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/g95QOPAkDC8xbLrs48daF94gTv0=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2023/01/25/nova-scotia-liberal-angela-simmonds-resigns-less-than-two-years-after-being-elected/20230125140148-99833640d81a89c3ee434e9bfc5d82debb1cc11c71eb2fc703a185c8045ef99a.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2c44bfbe8938374a92db5a3909f21956c4e244ded3e744b57e763db1b8442d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 21:41:02 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 326737
etag: "39c2b8968d5dbd439716b2a41bc0ff862e79e360"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 33556
x-amz-cf-id: XMfYYr_wKQLq4gDZTpVO4XGmCmpCnVQ9oZn4xob0zV-_PXW5uYYUjg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 justin_trudeau.jpg
images.thestar.com/8ndXZrJJPwV22g8977ubjvRGhI0=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/01/28/justin-trudeaus-mps... 2 KB
3 KB 14ms
12ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/8ndXZrJJPwV22g8977ubjvRGhI0=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/01/28/justin-trudeaus-mps-are-more-nervous-than-ever-about-the-liberal-party/justin_trudeau.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e1a9be8e01e4a721b1500d065a9b62803bb83deb3d15ad649a0206b05d272599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:29:16 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 7043
etag: "5bdbb23c4724729e1c72fcc28d3d6ae3f4a9a625"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2458
x-amz-cf-id: 4lpzcujEHJW6adToxZoKs3S0MIbpM42c22BWLLfj8hbuT17MBUzQ-g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fall_on_knees.jpg
images.thestar.com/EOf1zifwJDR6yGVxFQ6Am0sqeY8=/0x0:1197x798/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/stage/review/2023/01/28/the-work-that-went-... 3 KB
3 KB 21ms
19ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/EOf1zifwJDR6yGVxFQ6Am0sqeY8=/0x0:1197x798/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/stage/review/2023/01/28/the-work-that-went-into-fall-on-your-knees-is-inspiring-and-humbling/fall_on_knees.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dc6145e07e7f849bd70673be8a237333b28f2fbc277851c25b9b8e12f7444b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:17:12 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 11367
etag: "43162bf9ccf92655409c8076e08d9a6188883d65"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2912
x-amz-cf-id: hO63nER2GSJQayv1WOHo3ZvEBquld4C6-d_gd6S-cmx-rg1IqvkXIw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fall_on_knees.jpg
images.thestar.com/FM1g44iiH-QKSrDbwS6YQqtnGxw=/0x0:1197x798/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/stage/review/2023/01/28/the-work-that-went-... 33 KB
34 KB 8ms
8ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/FM1g44iiH-QKSrDbwS6YQqtnGxw=/0x0:1197x798/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/stage/review/2023/01/28/the-work-that-went-into-fall-on-your-knees-is-inspiring-and-humbling/fall_on_knees.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 81117b9c6ffb1914cf2f1607952220a48a70916b18d27241100515c821400243

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 12:59:57 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 12402
etag: "c612b6d5f08a0a5c304633b6ff5c527ec6c77f8c"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 34094
x-amz-cf-id: OEpTmHfv3NHNnM09tE3BDIxvhzy-yHttsUU8EoKOLOHDiBGE0UcSZw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
49 B 121ms
121ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2175&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=56&jsfv=nbc&ts=1675009599641&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=2174&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fopinion%2F2023%2F01%2F28%2Fthe-bruins-are-riding-the-perfection-line-to-a-near-perfect-season.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fdoug_smiths_sports_blog%2F2023%2F01%2F29%2Fye-olde-mailbag--the-raptors-at-the-nba-trade-deadline--still--a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fgolf%2F2023%2F01%2F29%2Fmcilroy-shoots-65-has-3-shot-lead-after-3-rounds-in-dubai.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftennis%2F2023%2F01%2F29%2Fdjokovic-tsitsipas-start-australian-open-mens-final.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2F2023%2F01%2F29%2Feileen-gu-takes-a-bad-crash-in-practice-misses-winter-x.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fauto-racing%2F2023%2F01%2F28%2Fbus-bros-have-early-disappointment-at-rolex-24-at-daytona.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpe%2Fsports%2Fpeterborough-region%2F2023%2F01%2F29%2Fbeck-back-with-peterborough-petes-after-nhl-debut.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsports-betting%2F2023%2F01%2F29%2Fcapitals-vs-maple-leafs-picks-and-odds-bet-on-washington-as-slight-underdog.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 schreiner.jpg
images.thestar.com/iNAF_4_V0E2od9C2gBelwZepACw=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/01/29/10-reasons-why-mike-schreiner-sh... 24 KB
25 KB 11ms
10ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/iNAF_4_V0E2od9C2gBelwZepACw=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2023/01/29/10-reasons-why-mike-schreiner-should-think-before-swapping-green-for-grits/schreiner.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bc61076920b5675833c6e1d6c61bcea07a7ed80fdae228ce87d730f649dbfe7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:22:05 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 18274
etag: "140a454aaf3f1030019ba3b7732b6c92a137b523"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 24714
x-amz-cf-id: lgMrDu33WQcVdNxiz9EWsWZagVwr9nKiyCDQY1gfCKYMKB0GzwqmYQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
49 B 110ms
110ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2194&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=58&jsfv=nbc&ts=1675009599660&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=2193&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F01%2F29%2F10-reasons-why-mike-schreiner-should-think-before-swapping-green-for-grits.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2023%2F01%2F28%2Fjustin-trudeaus-mps-are-more-nervous-than-ever-about-the-liberal-party.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2023%2F01%2F27%2Fwho-decision-on-covid-19-emergency-wont-effect-canadas-response-tam.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2023%2F01%2F27%2Fdoug-ford-warns-ottawa-what-happens-with-the-greenbelt-is-ontarios-business.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2023%2F01%2F27%2Fpierre-poilievre-says-everything-is-worse-and-justin-trudeau-is-to-blame.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2023%2F01%2F27%2Fcity-of-ottawa-says-thousands-in-tickets-still-owed-one-year-after-freedom-convoy.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 google.jpg
images.thestar.com/UyIN8qkYg2WU6IMDlZPqQNNIB68=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/01/28/dont-do-evil-massive-layoffs-at-google-shi... 14 KB
14 KB 9ms
8ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/UyIN8qkYg2WU6IMDlZPqQNNIB68=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/opinion/2023/01/28/dont-do-evil-massive-layoffs-at-google-shine-a-light-on-tech-giants-ugly-side/google.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dcb66fa0708a35c1788142e9fe216c5540c8f5a26912173c5c46b6296a7f1d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 11:07:10 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 105569
etag: "c73cfbed1c041ab9bb62b8173f522091344435ee"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 14210
x-amz-cf-id: gQ66XX9fDFWRrRctgSQazKu5uXbSJFjS8q5_e8rCKfENpXBSO4OhqQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _yyy4854.jpg
images.thestar.com/WYUjVFdSqX1RCr8atV9_pA1BK40=/0x0:1191x794/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thespec/business/real-estate/2023/01/28/most-hamilton-apartments-... 15 KB
16 KB 10ms
10ms Image
image/webp 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/WYUjVFdSqX1RCr8atV9_pA1BK40=/0x0:1191x794/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thespec/business/real-estate/2023/01/28/most-hamilton-apartments-unaffordable-to-those-earning-less-than-65000/_yyy4854.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 21d78299d331d351b8c1dd6ebabc68a74e9ae750fffd3f4a02c900c8474c0c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:38:53 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 6466
etag: "c7a7c639df560e36dbf6dbcfd60e9efe49bbdd4f"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 15694
x-amz-cf-id: uiMXsDYl6mutO9Cozdi268epqu3vLlW7GKIXKtnGrqB2HHPMoJ3XfA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
49 B 108ms
108ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2213&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=61&jsfv=nbc&ts=1675009599679&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=2212&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2F2023%2F01%2F28%2Fdont-do-evil-massive-layoffs-at-google-shine-a-light-on-tech-giants-ugly-side.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fths%2Fbusiness%2Freal-estate%2F2023%2F01%2F28%2Fmost-hamilton-apartments-unaffordable-to-those-earning-less-than-65000.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2023%2F01%2F28%2Fconfessions-of-a-shoplifter-as-food-costs-soar-and-self-checkouts-multiply-more-people-are-stealing-and-theyre-not-sorry.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fsmall-business%2F2023%2F01%2F27%2Fis-building-ownership-the-secret-sauce-to-restaurant-longevity-in-toronto.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 374ms
374ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/DG/DEFAULT/rest/rpc/811?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=9fb94a7a-7202-4cd7-9231-3315a16989c8&bctempid=&overruleReferrer=&time=2023-01-29T16%3A26%3A39%2B00%3A00&ts=1675009599705

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

37a313683fa02df7de28034c4e09131643fa1b6ffa34eb55512e91a9d20c6ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 169
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: ifOkCJxoUKFIMjSkKPrfqt1vFF0hlj4ZZw6nDe8eQpMhDnBYDJzUYw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 379ms
379ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

bc86b33e550b81ff2b725be8c5db5027d746fa3256ca4ac16620850ff8b199ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2487
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: S6xelUlS-6OFg9n8Im3OatboPpb_TIMnB_IqxrTvzCl2Ah65LDgbOQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 toaster_v3.css
n511.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/ 1 KB
1 KB 9ms
8ms Stylesheet
text/css 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/toaster_v3.css

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/plugin/plugin/90274f33e3f8f85d026eabf0aced12f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 04:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
age: 14730980
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 485
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Aug 2022 04:30:19 GMT
server: -
etag: c6066030d2b28fbf58f4c7c3d8e5b9b0
content-type: text/css; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: EWTNR_C79U2ek92LAsdyoxhTj9jvj3ya-IAVeSCzVq2kI_35dWzsHA==
expires: Sat, 12 Aug 2023 04:30:19 GMT

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 562 B
1 KB 383ms
383ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

85ac97c6c55164825efc0def0d9fe8a2c2a9bb29886c52deab9264efe763f294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 163
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: jvmRu_R1k1cbdN_8n7WiVsEl4L0S8qHHdmETjJTFZKkcsKmgypIlGg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 379ms
379ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

75e68151ba37820b4465bb9dac3512608115f5043f3680af60cf2d5b1a083567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2488
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: wmHtXJjNd5pciXJZIBwvKByOjNqV_oYy0wX_Sxp1t8uOrlpfU_EQTQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 44ms
15ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/plugin/plugin/90274f33e3f8f85d026eabf0aced12f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 29 Jan 2023 16:26:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lm7Sa/g7wlOH2n5PJlBFQe6vOT9sZAJ0bc2vqMlEm0sAsX2r9g4znteWiURH9TEKAVcpf3lhY5Am0y2mGcxCHA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 384ms
383ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

31c9f59a7ed0384b28faa9a3459d3eb4bfa0bbe871c3c9f0576126bdb9e2f218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 176
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: djSs-Y3CAKiNNW0CYIFzTs7hr7fwKfjQBL5VNsERToGtEf4q7IPIYg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
49 B 108ms
108ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=conversion_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2244&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=63&jsfv=nbc&ts=1675009599710&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q122_Sale&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/ 35 B
49 B 206ms
205ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/06736a47-1994-4aa7-aed2-da175e6ea2a3/__activity.gif?e=conversion_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2248&blst=597&ist=1268&iet=1272&bdst=597&bdet=760&bcttt=64&jsfv=nbc&ts=1675009599714&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=06736a47-1994-4aa7-aed2-da175e6ea2a3&sid=6766d7af-a5a4-4a2e-c8a4-defe97e66214&pvid=f54a0ecf-a081-42d2-946f-f3fdbbb7c516&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q222_OutlinedSale&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:39 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 384ms
384ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

5f4da29e769189c0fc84a4d3e2315152e2268d0ef3a877240832069735ca7de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 167
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: hEfZQt8Ikl-n1Lb7ZfMO6mGPNQ9APwc9E2jGQ3EjGgpRuz_kYNBOkg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 chunk.89041.4784e4f6.js Show response
widgets.media.sportradar.com/assets/js/ 140 KB
41 KB 18ms
18ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.89041.4784e4f6.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2ac10b4585cefa7d8cc5d10683fc08931b81666554f3d289387a9fa5cb5e8590

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Thu, 19 Jan 2023 22:48:34 GMT
etag: "1eb4cc123a7507ca878134389e0cfe64"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 41498
expires: Sun, 19 Feb 2023 22:48:34 GMT

GET
H2 200 chunk.57420.285d348a.js Show response
widgets.media.sportradar.com/assets/js/ 341 KB
90 KB 25ms
25ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.57420.285d348a.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

02463aab76e19152f1c10c3b126fe850915315e44e6fc6b69630974324964c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Thu, 19 Jan 2023 22:48:34 GMT
etag: "ed8276cd93fb3c8c13c842bfd8f8a545"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 91883
expires: Sun, 19 Feb 2023 22:48:34 GMT

GET
H2 200 chunk.74425.395fc60b.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
5 KB 41ms
40ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.74425.395fc60b.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ff2ba9b6d955f08c52856fb97bc771d3f12ce829c1fa6287aeaf82c3ede794c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Thu, 19 Jan 2023 22:48:34 GMT
etag: "705f5a7ff0da8669c498d236f0f45b0d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4689
expires: Sun, 19 Feb 2023 22:48:34 GMT

GET
H2 200 chunk.75472.e3513d70.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
8 KB 41ms
41ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.75472.e3513d70.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ad483a4e616636b1165205d04324f8e67d47c02c6d9eca0c99d99dd1e2b56f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 15 Dec 2022 19:32:00 GMT
x-served-at: Mon, 19 Dec 2022 08:34:11 GMT
etag: "8631471a6e6a2938d7a35cda8687a17c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 8280
expires: Sat, 21 Jan 2023 15:16:02 GMT

GET
H2 200 chunk.58047.f9857c8b.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 42ms
42ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.58047.f9857c8b.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fb60690105f3079674472358be6ea5f803f4468e120500627e77b9e75abea178

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:08:17 GMT
etag: "77dcbaed60f52b4338418a558410cc56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3865
expires: Thu, 16 Feb 2023 06:08:17 GMT

GET
H2 200 chunk.87159.ee512fad.js Show response
widgets.media.sportradar.com/assets/js/ 109 KB
30 KB 43ms
42ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.87159.ee512fad.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8104abbac1f44dea1051add7ff964a71865befbb4a4c676c6616a80a83d26a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Thu, 19 Jan 2023 22:48:34 GMT
etag: "427a447a7f2897168a334ec915069801"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 29914
expires: Sun, 19 Feb 2023 22:48:34 GMT

GET
H2 200 chunk.872.f278cff8.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
6 KB 47ms
47ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.872.f278cff8.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3e8e6482cdaaed4f4bffab132ecc638d2eaecbc9d3f86786b31177db070e170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:22 GMT
etag: "2e33f72f6efa38ea0852e0d2951de36a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5766
expires: Thu, 16 Feb 2023 06:10:22 GMT

GET
H2 200 chunk.88139.274c7355.css
widgets.media.sportradar.com/assets/css/ 20 KB
4 KB 47ms
46ms Stylesheet
text/css 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.88139.274c7355.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Sun, 22 Jan 2023 05:35:00 GMT
etag: "c49787c1d88ae88587d40d3a2128e530"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3803
expires: Wed, 22 Feb 2023 05:35:00 GMT

GET
H2 200 chunk.88139.223cfcbb.js Show response
widgets.media.sportradar.com/assets/js/ 22 KB
7 KB 48ms
47ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.88139.223cfcbb.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

adf278355a1dc96030d992f6a09e91d468533d6fd887cc7b6fa34d2e3f205ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:22 GMT
etag: "721c6aa9d4d169f53089fda9c8650d3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 6585
expires: Thu, 16 Feb 2023 06:10:22 GMT

GET
H2 200 chunk.56615.e516b9de.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
7 KB 48ms
48ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.56615.e516b9de.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:52 GMT
etag: "17d28dd8a0d379cf3bf8a0fde19671e3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 7004
expires: Thu, 16 Feb 2023 06:10:52 GMT

GET
H2 200 chunk.36369.4d629a02.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
3 KB 50ms
50ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.36369.4d629a02.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:22 GMT
etag: "d732fcd8139e215ea39b473933d09bdc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3139
expires: Thu, 16 Feb 2023 06:10:22 GMT

GET
H2 200 chunk.99585.125055ea.js Show response
widgets.media.sportradar.com/assets/js/ 14 KB
5 KB 55ms
55ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.99585.125055ea.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe0cd2a0886e1bb2b7096cf665a10a8d60b84c52ced448c293ecc5858028f49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:52 GMT
etag: "7f3ad519cbc50f88557125cbe435144f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5105
expires: Thu, 16 Feb 2023 06:10:52 GMT

GET
H2 200 chunk.73555.747d7328.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 55ms
55ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.73555.747d7328.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

962e0598efaceb0ca367d3fcf587550d9edd875aa9652d3967481d646e128d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:22 GMT
etag: "27182ce42b05a47329bf901ce18b2d82"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3854
expires: Thu, 16 Feb 2023 06:10:22 GMT

GET
H2 200 chunk.5871.31c7af08.js Show response
widgets.media.sportradar.com/assets/js/ 8 KB
3 KB 49ms
49ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.5871.31c7af08.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c982fb8f9251405427409102a2d61a2e2172fef50b18abf183e7d5deebf42ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Wed, 25 Jan 2023 19:50:44 GMT
etag: "7fec7d978e30bc583c1a19f722210edb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 2970
expires: Sat, 25 Feb 2023 19:50:44 GMT

GET
H2 200 chunk.69233.b25f7c54.js Show response
widgets.media.sportradar.com/assets/js/ 29 KB
8 KB 47ms
47ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.69233.b25f7c54.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3821a4020f167a0d6ee06f0a7c1f70cf5fc5341687ec2cc2284398a173af0c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Thu, 19 Jan 2023 22:48:34 GMT
etag: "e27554023b17220082f60f2a4336f960"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 8157
expires: Sun, 19 Feb 2023 22:48:34 GMT

GET
H2 200 chunk.13040.f97e5173.js Show response
widgets.media.sportradar.com/assets/js/ 45 KB
12 KB 49ms
48ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.13040.f97e5173.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfe0921368b1900c399535b82f79911a027369bb65ccaa619f5a85067a475c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Thu, 19 Jan 2023 22:48:34 GMT
etag: "f48cd5b9c67127bc245cd22cb5bf70e3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 12064
expires: Sun, 19 Feb 2023 22:48:34 GMT

GET
H2 200 chunk.70689.8a75fb8f.js Show response
widgets.media.sportradar.com/assets/js/ 13 KB
4 KB 52ms
52ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.70689.8a75fb8f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f8f56a9c5d675cf42cfe6fb885c1c16058c3281059b1335cee14baa4ab491df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:22 GMT
etag: "547e83aea16d9f6505d68c813bdf23d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 3272
expires: Thu, 16 Feb 2023 06:10:22 GMT

GET
H2 200 chunk.83679.aafd3aa1.js Show response
widgets.media.sportradar.com/assets/js/ 27 KB
6 KB 48ms
48ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.83679.aafd3aa1.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:08:19 GMT
etag: "ef4b2e812247d35ae451639597ae1800"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 6245
expires: Thu, 16 Feb 2023 06:08:19 GMT

GET
H2 200 chunk.84814.724cf9ff.js Show response
widgets.media.sportradar.com/assets/js/ 17 KB
6 KB 50ms
50ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.84814.724cf9ff.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

306fcd66df6ecf9ae9b422f505b38f070f09f543d40d53a9eb7af806cbdf274a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Tue, 10 Jan 2023 10:57:50 GMT
x-served-at: Tue, 10 Jan 2023 13:29:02 GMT
etag: "f5f15f112020f745f3f67dece3002f15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 5514
expires: Fri, 10 Feb 2023 13:29:02 GMT

GET
H2 200 chunk.95874.44a7e7c6.js Show response
widgets.media.sportradar.com/assets/js/ 25 KB
8 KB 48ms
48ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.95874.44a7e7c6.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3d6613aab2e0b0c074c485018837e7f44c0aa97b35178dee91b456d5f3744fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Wed, 25 Jan 2023 15:24:14 GMT
etag: "d4c2807e1b48610aaf3c19abbeb97194"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 8330
expires: Sat, 25 Feb 2023 15:24:14 GMT

GET
H2 200 chunk.94135.a3477a7f.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 50ms
50ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.94135.a3477a7f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e84241c754ae499317c9b231b08af54bd2aa760a567e3c1d95cf0b2b8f93a0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 15 Dec 2022 19:32:00 GMT
x-served-at: Wed, 28 Dec 2022 22:12:04 GMT
etag: "671c8ca3d2c93888427fd55c7c19023f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4092
expires: Sat, 28 Jan 2023 22:12:04 GMT

GET
H2 200 chunk.85559.7f933b9f.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 53ms
53ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.85559.7f933b9f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90682e2f91238907278d1e36d649ccce58bf45cf12c16f157308a2009547f8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:22 GMT
etag: "d38e78d1aa0741f3160c7b937ca036e1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4216
expires: Thu, 16 Feb 2023 06:10:22 GMT

GET
H2 200 chunk.us.common.scoreTicker.ea714b5a.css
widgets.media.sportradar.com/assets/css/ 38 KB
5 KB 52ms
52ms Stylesheet
text/css 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.us.common.scoreTicker.ea714b5a.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82f59a30f5185074ab367843e8f649d0e2f4f6bbff6db8c9a852931d220f0699

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Fri, 02 Dec 2022 11:32:46 GMT
x-served-at: Fri, 02 Dec 2022 12:05:09 GMT
etag: "9faab841da6c8622e5f390f8e3004a3e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 4569
expires: Mon, 02 Jan 2023 12:05:09 GMT

GET
H2 200 chunk.us.common.scoreTicker.82c59349.js Show response
widgets.media.sportradar.com/assets/js/ 171 KB
44 KB 52ms
51ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.us.common.scoreTicker.82c59349.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dcd4ada1fb3e341a1e3d5242cfe4cd427e7ba155f838825cc3b6007ff0bf3f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:45:45 GMT
x-served-at: Thu, 19 Jan 2023 22:48:35 GMT
etag: "3b1ece1c475ec64597fdf0b436a9bdff"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 44921
expires: Sun, 19 Feb 2023 22:48:35 GMT

GET
H2 200 chunk.react.cd04a608.js Show response
widgets.media.sportradar.com/assets/js/ 129 KB
42 KB 53ms
53ms Script
application/javascript 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.react.cd04a608.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0161411eb07c7eed568cee35d72579fbcd42238678effbd461afaa6d1cdbb958

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Wed, 11 Jan 2023 16:19:15 GMT
x-served-at: Mon, 16 Jan 2023 06:10:22 GMT
etag: "c7bdd38c3252c749e884e2d30a454945"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400, stale-while-revalidate=604800, immutable
accept-ranges: bytes
content-length: 42582
expires: Thu, 16 Feb 2023 06:10:22 GMT

GET
H2 200 en_us.json Show response
widgets.media.sportradar.com/translations/ 107 KB
26 KB 72ms
17ms XHR
application/json 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1674164361370&h=0a85e093fc3d495c20cfc910a8752d45

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cead41d8473beb15cb3e87b8a2fc4e0e9a5def66acb40afcf9777091bc07440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:39:21 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5270400, stale-while-revalidate=604800, immutable
content-length: 26062

GET
H2 200 css Show response
widgets.media.sportradar.com/torontostar/ 37 KB
4 KB 227ms
173ms XHR
text/css 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Thu, 19 Jan 2023 21:39:36 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=30, stale-while-revalidate=60, immutable
accept-ranges: bytes
content-length: 4246

GET
H2 200 licensing Show response
widgets.media.sportradar.com/torontostar/ 12 KB
9 KB 188ms
134ms XHR
text/plain 2a02:26f0:dc::6853:411
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:411 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0372efae2ee2ae85f8929bb5e36cd4e7d2eef97cd131e7529e0e3f34aac5eced

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
etag: "8606f85c1665e86e1fe8930dc0c35bac"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=200, stale-while-revalidate=60, immutable
content-length: 9489

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
858 B 101ms
101ms Script
text/javascript 52.72.172.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=9fb94a7a-7202-4cd7-9231-3315a16989c8&&callback=bc_json813

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.172.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-172-171.compute-1.amazonaws.com

Software

- /

Resource Hash

61dc9bd40926384fb09673095057563c5f79041f65114ec281b25a0c41f4d5f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 301 B
230 B 17ms
16ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: ddc97c867b19e52a434bf4ae617da266aa3ba6ea7537161957d2820e52fc23b2

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164

GET
H2 200 close.png
n511.thestar.com/rest/dialogues/files/196f0b70-9f50-49c7-8e23-29ba76b99342/ 225 B
737 B 13ms
13ms Image
image/png 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n511.thestar.com/rest/dialogues/files/196f0b70-9f50-49c7-8e23-29ba76b99342/close.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

a52376c24089ca091a0bcaeed02d6d76a0437da4920649c73168185167180399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:00:02 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
age: 4652797
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 225
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Dec 2022 20:00:02 GMT
server: -
etag: 78c046295f4be9f49abee490a3f879b8
content-type: image/png
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: hyuQ5wWNa12XhlCghIR6hUePVD0s7uGYXxtr37gaU2teRPcRme_kcQ==
expires: Wed, 06 Dec 2023 20:00:02 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 914 B
903 B 61ms
25ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onCaptchaScriptLoad&render=explicit

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5833fa17d144e67a74cb3d964c722dca8128eb48c84da6594396f03f3fef18a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 583
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 16:26:39 GMT

GET
H2 200 b
engagefront.theweathernetwork.com/x/ 42 B
309 B 3699ms
3526ms Image
image/gif 34.120.23.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engagefront.theweathernetwork.com/x/b?data=%7B%22advertiser_org_id%22%3A%2261731269aabe2aa0d6cf5785%22%2C%22event_name%22%3A%2249695385_45a9_4217_b0c5_58934bb70a35%22%2C%22subevent%22%3A%2278386%2C79131%22%7D
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.23.120.34.bc.googleusercontent.com
Software: TornadoServer/4.2 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:43 GMT
via: 1.1 google
server: TornadoServer/4.2
etag: "d5fceb6532643d0d84ffe09c40c481ecdf59e15a"
p3p: policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type: image/gif
cache-control: max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Sun, 29 Jan 2023 16:26:43 GMT

GET
H2 200 549886031832745 Show response
connect.facebook.net/signals/config/ 566 KB
166 KB 170ms
169ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

912ad04f7510b9a5e632a9e4dfb798d3182313dc30df3f33367b4f97ee598a51

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 29 Jan 2023 16:26:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6awMJuX2XW0BnwMOAnOmMVBLpKE5WhQFzd+8vmiLC73z2+Dixyxdws3CsBlNaIRNkPYp1S5ctGZS4Z/3uSsvcA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ 405 KB
161 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onCaptchaScriptLoad&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 14:04:30 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5C42 43 KB
23 KB 26ms
25ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=akrx8hmt2fdq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a824a89d871c7b05b636417d32c7e1663111fcc51ac9a83ec7a6771617a428f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NOSBGaVO_RmGdTc5xsAc9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23110
content-security-policy: script-src 'report-sample' 'nonce-NOSBGaVO_RmGdTc5xsAc9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 16:26:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 5C42 55 KB
24 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=akrx8hmt2fdq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 15:59:40 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 5C42 405 KB
161 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 14:04:30 GMT

GET
H2 200 default Show response
www.thestar.com/api/overlaydatarule/ 73 KB
13 KB 8ms
8ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/default

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ea68f95f8531ea5d05b401c023a1aa9c37f591264f663845f36e13ea77f3b2ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:21:46 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 292
x-powered-by: Express
etag: W/"12549-hwKxbBlt1ubGrajSh3VJdxAacKg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: vLAPssp9nkXYUmPydMbMGGzjKmb0yDpT-eZPfMJNU1EMjR0oJtN35Q==

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 72 KB
13 KB 8ms
8ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

edec8383d926434d91447fb0e2e97792791ef8c27693867f2bc49d3c918d7f5e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:21:47 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 293
x-powered-by: Express
etag: W/"11e38-hiM6JQNCOBpR/OaCGiH8YqGiIMU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: oh835UpFRYTgiG_B3godGIe8EFFTwnvggPtQDcLgQ0barPeoPheb2w==

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
700 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

495b7c7c3765a39759131debdf44c8d98832b57b33b826c9c683087ce9f91313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 16:26:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 16:26:40 GMT

GET
H2

200

MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

54 KB
54 KB

25ms
24ms

Font
font/woff2

13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446

Protocol

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:00:14 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 12386
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: e2kz7cm7dhaXf_8aW2ZlE2El8NRU8JZJN-1R05T4uPOl3k0Y5LY1uA==

Redirect headers

date: Sun, 29 Jan 2023 16:26:40 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf
content-length: 0
x-amz-cf-id: ruGEAhykuagWDvpHdLJYuLsq-IFr-6MR-A1YQZp6lY8MAq36xnnuRg==

GET
H2

200

MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

55 KB
56 KB

26ms
25ms

Font
font/woff2

13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446

Protocol

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:14:36 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 4323
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: Uu8v9S0UNb9ub4JkpHdD7pIZVxqiEyLZ-jQbpEiVFp6Twjy_oowEQg==

Redirect headers

date: Sun, 29 Jan 2023 16:26:40 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf
content-length: 0
x-amz-cf-id: CvRSYSPf-wYsOKwEAf9frHssMxaeSBKetn3cia7b9dwFKFfES_cugQ==

GET
H2

200

MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

53 KB
54 KB

24ms
23ms

Font
font/woff2

13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446

Protocol

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:43:17 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 9803
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d420-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: PUvFGsaRDOXlLjW352hytYNJEOe7Lvgtz8RYOh4grPkwnZtsc7GZnQ==

Redirect headers

date: Sun, 29 Jan 2023 16:26:40 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf
content-length: 0
x-amz-cf-id: TTEZPbuFKcP4T0Yx04F2dTyuDE87HUC2hnoYeD9YzmlPy-mFmW4vNA==

GET
H2

200

TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/
Redirect Chain

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

18 KB
19 KB

23ms
22ms

Font
font/woff2

13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446

Protocol

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:27:28 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 7152
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4930-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: u5WoeIWxbdwdLAyQTOoP7Tt_5NAx5oNf-LNJxnuvd5J3lisx0dWNdw==

Redirect headers

date: Sun, 29 Jan 2023 16:26:40 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf
content-length: 0
x-amz-cf-id: M-XkTcFr4hWFjQu3za9v3xUrM3tePn-dvEn8nfENOrIq7JXLk_1U4g==

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

23ms
23ms

Font
text/html

13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:24:00 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 160
x-powered-by: Express
etag: W/"1c91e-tWXUcYzfK7uptV8/RzzEwj3os5o"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Error from cloudfront
cache-control: max-age=180
x-amz-cf-id: HfGbX10OhrX5czE5IyGY-vjtni4NCWa6vsjBh-DzuGvTJ5w9Y4jL3Q==

Redirect headers

date: Sun, 29 Jan 2023 16:26:40 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: 4xXIYEGmfAdOJMgK672URL3rS3MyDPO0KN6VIh1wjg8TFq6XdCyOdg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=9532874&t=pageview&_s=1&dl=%2F&dp=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACgAIAB~&jid=1552148362&gjid=1144321294&cid=1504040696.1675009599&tid=UA-150212423-1&_gid=1007964397.1675009599&_r=1&_slc=1&cd9=season&cd14=(not%20set)&cd2=widgets&cd3=us.common.scoreTicker&cd4=1.0&cd101=(not%20set)&cd1=1&cd6=web&cd5=en_us&cd7=sr%3Acustomer%3A6666&cd107=default&cd108=default&cd8=sr%3Ahsalias%3Atorontostar&cd110=2.0.257%3A2023-01-19T21%3A39%3A38.425Z&cd23=null&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd12=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd18=(not%20set)&cd19=(not%20set)&cd20=(not%20set)&cd24=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd103=sr%3Abookmaker%3A129&z=518493806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
2 KB 184ms
49ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

6ff082a67063de28eacf331c50eb7659917b5c7979c2d80263d6a2ee3cf3b7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web2
content-length: 938
x-feeds-fv: feeds-prod-euc1-fvauto-0d100627a81b30166
last-modified: Sun, 29 Jan 2023 16:26:35 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web2
etag: W/"88ef58a0ebb09b322a82a5efbc772fc425908643"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 817225109 816537236, 60428972 54519378
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 16:31:35 GMT

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 103ms
103ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

cba307d79275c3a5770d12392cb0d5793a553fce22ffbb4dcaf3cc9edb81f576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 152
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6BMpUlt6hH-NTf67ZU13lksxWPRY2mmjsEJNu3SolIIiJ28BUuOrIQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 12 KB
5 KB 8ms
7ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c7ee67a4a7168b8dea0055b9fa4b364a6967b7c694b733519e3b4756d272a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:38 GMT
x-amz-version-id: YNn60OhIR4hr33kYFxRaziXBL29.07Pf
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"d98b7b1983b686f33b91cd0b48958bba"
age: 3243
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: zzCkGO8u_2ZMABvpAP9f6te3KwdHZ4nWI8E6NncNdChUwmVv7GGIGg==

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 6 KB
4 KB 385ms
385ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

7ebdfccca9486a018ad64df5e0bf1162b1d2b7fcd6c4387bd75869412808e47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2655
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: mWuwGv6jvqxKZ07Eex1s13OMV7PfnrapyIpDhYSKW452Dcy_Sys8Ig==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 373ms
373ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

7d871d325802d1aff968875e674dca0c9282c4236f0afef9d063c7394def2693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: WDTa9kgZhLGingbPYLA8BdbGO4egSUsZr6uh-BBDTWEhgwXXjmYnWg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 384ms
383ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

0d1fe900bf1cf1cc03ba46bfcb95c0066e6ceebe2e9a5d364bc9c9b7b396518d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: JsVvYfHLQURpCM67WoYRFcDYfDvA_4dpOYbpiJkdLkhV0gHsFVG9Zg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 383ms
383ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

46d370366e7f27b2d4844860d2cd9ea79d0abf0c237a89055fbad84c9deeeaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: qTVvTDS6I14Awmi-jnqIqMusPeXhBZM3cypJm1-h-LFVDjWjAi_wSg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v22/ 35 KB
35 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 22:56:43 GMT
x-content-type-options: nosniff
age: 494997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35520
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:03:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 22:56:43 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5C42 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=akrx8hmt2fdq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 16:26:40 GMT

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 19ms
19ms Font
font/woff2 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/bundle.css?v=2fe22240994a1f90c446
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 13:36:23 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 10217
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-185cea1a838"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: IufexIC7l1DFbdf_VeF-Zfksb_9rc735RWdm5KALBS2q9jUk4RYDUw==

POST
H2 200 811 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 373ms
373ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

- /

Resource Hash

6c32e548d4eaa86c160fe3c340f200e7d978704133a7f2cd8f06b35d7147b91f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: bkWLVYEnJnGNEpScq-HlKRM1YK1_gcQL9dUqMNLIMXzWkJeVMH8IJA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 94839 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 51ms
51ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/94839

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

11b758236cc927c9b238317bd42953a68b97b2f9edfb80cde71bbc4ce3023a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-xcvoyzca
content-length: 733
x-feeds-fv: feeds-prod-euc1-fvauto-0428e647935b15161
last-modified: Sun, 29 Jan 2023 16:24:47 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web09
etag: W/"d6b29fd632a85170082b3acb36381b8094f5cbfa"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3596
x-varnish: 1006958074 1010257712, 114616373 152837339
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 17:24:47 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
33 B 63ms
62ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 399E 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

227e2743eb9511e6d3435c1ea7409b4bbb8931f08666939deb8c8a59bf45d441

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LCwgthfH1Os83xEw1OWoTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-LCwgthfH1Os83xEw1OWoTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 16:26:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 94839 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 2 MB
192 KB 145ms
145ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/94839

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

c6057af24479cd79335a4aff93b16b7d56cc774a40163fba931be8b9251eae1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-gogkqhag
content-length: 195780
x-feeds-fv: feeds-prod-euc1-fvauto-06f585a845e455521
last-modified: Sun, 29 Jan 2023 16:26:23 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web11
etag: W/"b200c9b5828d85011d05c432f57d2d1c1c36384d"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=18
x-varnish: 804444782 811824814, 41445051
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 16:26:43 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 80ms
80ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

f13c6a28b9978ebb7548c3e8c4aa46a1558d6331c7722bd30989772707a24ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web4
content-length: 608
x-feeds-fv: feeds-prod-euc1-fvauto-0d5f01f11a39fba68
last-modified: Sun, 29 Jan 2023 16:23:36 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web4
etag: W/"86500e2cd5d8a669be0169ee0d077ce0ccbf1534"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 155791657 149834736, 134722890
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 16:28:36 GMT

GET
H2 200 RC5e3aa078185a404a90c26089a206fc93-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
1 KB 7ms
7ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC5e3aa078185a404a90c26089a206fc93-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96bce0dc390de0439f3bb050107878d05765f4ad3632340aa63e610955462ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:39 GMT
x-amz-version-id: vHtP8X1WbHSqXcBOSNU4.MgzfJCTAKgw
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"ae082f44e83d2a2465fdb5589d066b09"
age: 3242
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: KqcD03sn7OzmjJhJcrxqOvkxjOs14ve8hWc9_UukFABFaXV0zgt45Q==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 399E 55 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 15:59:40 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 399E 405 KB
161 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 14:04:30 GMT

POST
H2 200 events Show response
pixel.thestar.com/ 0
117 B 355ms
95ms XHR
text/plain 2600:1f18:1430:9001:19d6:7df1:3355:8814
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.thestar.com/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.92&r=stable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1430:9001:19d6:7df1:3355:8814 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thestar.com
date: Sun, 29 Jan 2023 16:26:40 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 41ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1675009600503&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675009600499.760614041&eid=ob3_plugin-set_d3cda17adba8a1a0308526c74bf0826727ed02d2a8bc6a331e42f9930d082b82&it=1675009599805&coo=false&rqm=GET

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 29 Jan 2023 16:26:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 RCc150445a040d4802b87fe750d55df33a-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 930 B
1 KB 8ms
8ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCc150445a040d4802b87fe750d55df33a-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c63888d02b9bade3b9f57dfa3f0d159fcab60c8ca12817bda4b707c937aae35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:39 GMT
x-amz-version-id: 0oLuziuN4GPo9fTULSnF6O3F87kFWDfl
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 3242
etag: "de54ee6c26cc532e0031c549c77d95f3"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 930
x-amz-cf-id: cEhAHmErAxXpUFBwvGt92zCLzeh-tr5X0-R65E595A0XPY-h8lb5Nw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 114ms
18ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6382-VIE

GET
H2 200 RC518669eb80134c629229b164ea843f63-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 2 KB
1 KB 7ms
7ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4be7f956a5bee1a33475e18df8ae5fa4783fb7b7533233a608ee627792cb754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:40 GMT
x-amz-version-id: l7QpW6pczs91da4NSbcsZm4JDo4cvYE4
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"868ac1f3a88fac9e89a6810379830058"
age: 3241
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: eBeH1VV_278rqSEwoyCrGajQbbC4RLI1YPc_8ybEoSQfkCR4rAMXMQ==

GET
H2 200 102339 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 6 KB
2 KB 87ms
87ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/102339

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

d49e8663f37ee455338bf4bb74ebf876d2dd28bd15a20436d4498e2808a70079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ixniufmx
content-length: 1711
x-feeds-fv: feeds-prod-euc1-fvauto-0d100627a81b30166
last-modified: Sun, 29 Jan 2023 16:26:23 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web12
etag: W/"a25929ba358e3aa444602c605266620d6536e501"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
x-varnish: 816402569 811794082, 59708913 59318845
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 16:26:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
67 KB 43ms
43ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abd3fa5abdb9a45e49c20a74aeb13f140413e303b717e0a29031146842b2b328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68952
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Jan 2023 16:26:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 58ms
58ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61daf19df594f08549fbe6c7a27b72406424adc125d543589032185c6c42e8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44296
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Jan 2023 16:26:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
67 KB 72ms
72ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0b3ada09bcb7e580dd5617a0a8d033107c243a71cd47ab5636fe1650212ed50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68981
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Jan 2023 16:26:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 85ms
85ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce80453eac46e8ecc183cd0a9dffa74c3b412e2420119632bb91e698d0cf3436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44319
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Jan 2023 16:26:40 GMT

GET
H2 200 RCdd630314d8a144ce818cf865b37c1fd3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
1011 B 12ms
12ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCdd630314d8a144ce818cf865b37c1fd3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 315b703836da97c6a588734471bd908afc143a0b6b812ef09784099f5826399c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:43 GMT
x-amz-version-id: Mc1BdE1MuFtTbP5fK8Oxlj3rkDET8NXQ
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"6dae72e5e8b4818aa95731b9a879be90"
age: 3238
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: MVOE9f30lLztOZY_RJ3guzRaZ6aOFlFCn0xinUnBTbx5qzGGpIu4tA==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 399E 40 KB
24 KB 40ms
40ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09d08cfc66048797443f43efe2a724de318d806af31216cb38b820fc996aaba9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24787
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 16:26:40 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 298ms
130ms Script
application/javascript 2a02:26f0:dc:39f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:39f::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "91c4ea42bc7f1df938d8cd8de8d598db"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H2 200 RCcf6c41d85a5d48ecbc8941416ef1057a-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 981 B
1 KB 8ms
7ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCcf6c41d85a5d48ecbc8941416ef1057a-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d627c1400f6246a64cfaff3165e87c18455e790b85df2bf319de0a06af4cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:36 GMT
x-amz-version-id: jBS02A5E7SGaufRHuJcSm2hGHdbOU55q
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 3245
etag: "3a4139048c3bdca88df9171ccecd6b34"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 981
x-amz-cf-id: mi_EXyTL6EXlQt5bgKD3MkEeIU7jclW_YXTOGsqNbkCZ5Szt3_UX-w==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 83ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:39 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 73FD950012AE49A1B10A28244975E038 Ref B: FRAEDGE1313 Ref C: 2023-01-29T16:26:40Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 RCfc98541866c44adc8969609b572bc808-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
954 B 17ms
17ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCfc98541866c44adc8969609b572bc808-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d98942b504ffe9f347ae6da5775f3e4432d1f63f51cecf34a3bef251bb846673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:37 GMT
x-amz-version-id: ZEbqouF.wkJtcLZGSvdmAw3BYVMA2a_c
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"71bba86a6ad2931365ec57c49caf3c37"
age: 3244
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: hy_0bfUVZCSSFfOB2655ioix7SVzx5D5H6zTFyjFLnjZ5y8HbdyW6A==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 64ms
15ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=44322
accept-ranges: bytes
content-length: 4777

GET
H2 200 RCe46cbcc54abd406cab4e76bfe42b5d04-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
985 B 10ms
7ms Script
text/javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCe46cbcc54abd406cab4e76bfe42b5d04-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e3db724b393f39920a94a2ab7767929530374d8b52c18830bba21fbd9c91483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:32:38 GMT
x-amz-version-id: G.0yM9_hrd1tYw6WgklxFtmg7J0USqJ9
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:31:57 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"fee1d732b28d479f644a693f2b34ba2f"
age: 3243
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: YJbXNcDrLASCNoXumbWR9FKFE5wJWRdJi7Wt0Wlvy5k6R8dJkREscQ==

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 399E 600 B
624 B 13ms
13ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 19:16:51 GMT
x-content-type-options: nosniff
age: 335389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 01 Feb 2023 19:16:51 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 399E 530 B
554 B 13ms
12ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:18:10 GMT
x-content-type-options: nosniff
age: 166110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 03 Feb 2023 18:18:10 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 399E 665 B
689 B 14ms
13ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 01:26:19 GMT
x-content-type-options: nosniff
age: 226821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 03 Feb 2023 01:26:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 399E 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 12:17:50 GMT
x-content-type-options: nosniff
age: 101330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 399E 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 07:04:14 GMT
x-content-type-options: nosniff
age: 120146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 07:04:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 399E 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 22:21:19 GMT
x-content-type-options: nosniff
age: 497121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 399E 32 KB
32 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8W8MhqajBoLabDH3K_e4SAdpACeSyA3UZJsGbSHX8UOi4BMwY-IfL1oYAf2fp5bkontnWDN6m3oB0s4rtcAmu7oYgfCkhutYL6g2h8igS3mYg-W2-yqX8IEZRfA9PcH7P6t1rziVtQ8B7WnahjKp-A2GRTZwkrHEd8a3tJB7VGRhvU20IPteFmz3UbsdbqKSnw4mzVGbmyL5Rb6bAnxBHDf85fYxQ&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

902602dfb3625930d3e656c4c196e17046a1f4f87a16cda6a477fda02565e109

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32892
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 16:26:40 GMT

GET
H2 200 34543539 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
770 B 48ms
47ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543539

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

4006c1a7999f4a60af38d3864ac4da2ff83c5a246b70486f442a310656ef5022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web2
content-length: 123
x-feeds-fv: feeds-prod-euc1-fvauto-0db7755b600b2ff77
last-modified: Sun, 29 Jan 2023 15:15:13 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh5_web2
etag: W/"43f871b8e1ac684db92607495f5b521d17c40376"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 782979369 788174799, 112776473 90267330
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:15:13 GMT

GET
H2

200

34543539 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543539
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543539

953 B
986 B

40ms
40ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543539

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

68e3c72d58536b7500cfeaddf14e7e6088a54e610d0ae8779d8dc3b760094248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar08
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-xcvoyzca
content-length: 342
x-feeds-fv: feeds-prod-euc1-fvauto-06f585a845e455521
last-modified: Sun, 29 Jan 2023 15:16:20 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web09
etag: W/"f6dca3039654b8d60ad7f2d0817dc3a49f0140fb"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 14243076 23794891, 27728107 23866999
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:16:20 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-mznnsjaz
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0a53a0ae8815c30cf
x-sbe: feeds_web10
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543539
x-varnish: 799072559 811894765, 78586984
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543541 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
765 B 56ms
56ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543541

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

a6ffcefba8ce0e4211c150b53e0979ea7de4417d977923a4a273b04b3886f9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ixniufmx
content-length: 122
x-feeds-fv: feeds-prod-euc1-fvauto-04d0fe6fd1fef16f6
last-modified: Sun, 29 Jan 2023 15:09:45 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web12
etag: W/"981d144e2f1d07d8e24e26e6ee5cb523ca039d8b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 133280702 129584411, 34677464 18589195
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:09:45 GMT

GET
H2

200

34543541 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543541
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543541

955 B
987 B

39ms
38ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543541

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

c5ef31d1e0c897aa27f573c82224590a2d0810e5d0cb84c8f19f350e133fe22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar06
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web4
content-length: 341
x-feeds-fv: feeds-prod-euc1-fvauto-09181163a00bd85c4
last-modified: Sun, 29 Jan 2023 15:11:16 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web4
etag: W/"9033caeb23d393955d7db95a8488521fbf4503ca"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 32358360 41782341, 37153944 35725962
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:11:16 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-hfhmiray
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-07ce831861c61e8c2
x-sbe: feeds_web06
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543541
x-varnish: 158375708 156379067, 551948988
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543545 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
765 B 61ms
61ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543545

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

2c891caa6f8c7242c492656ddbcaaea18c98923febb98cd2446da01af723743f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar06
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-qryhirqv
content-length: 122
x-feeds-fv: feeds-prod-euc1-fvauto-00e2d3f5c245ac7b5
last-modified: Sun, 29 Jan 2023 15:08:05 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web07
etag: W/"7dd1a3bc914a881578d14e50b19598ca885ff384"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10798
x-varnish: 34782252 41976680, 171418512 167096993
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:08:05 GMT

GET
H2

200

34543545 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543545
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543545

955 B
984 B

44ms
44ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543545

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

5832cdc61db8a2e74f57f9415aa14433f3952716f4603718502387c8a17d759a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ldtjwkwc
content-length: 340
x-feeds-fv: feeds-prod-euc1-fvauto-0c9bc1005097c5790
last-modified: Sun, 29 Jan 2023 15:08:06 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web01
etag: W/"98b41ff78341e18418314428c23bd1738c1543ad"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 988467434 641760722, 75538625 69768776
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:08:06 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-gwkqtxwz
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-068b3841c95b3117e
x-sbe: feeds_web16
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543545
x-varnish: 144307572 150880576, 267069950
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543543 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
758 B 57ms
56ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543543

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

f6ff6c95d808e273134334d265c98c94604ba442eae788e397ecb859efb9f88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-mznnsjaz
content-length: 121
x-feeds-fv: feeds-prod-euc1-fvauto-068b3841c95b3117e
last-modified: Sun, 29 Jan 2023 15:08:33 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web10
etag: W/"0ba6fe21b9622c93da23789a6b25a9d7067471dc"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 124157477 130072992, 250112008
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:08:33 GMT

GET
H2

200

34543543 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543543
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543543

955 B
975 B

41ms
41ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543543

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

606d129a21d1b4af0726a4307cbb090be4527681f321b8c8b9bae44000c71b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-gogkqhag
content-length: 337
x-feeds-fv: feeds-prod-euc1-fvauto-03ac95df880674fb6
last-modified: Sun, 29 Jan 2023 15:11:36 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web11
etag: W/"b75a558196d77ce14a9738618a69e1b430d04203"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 123570134, 89562909 82368706
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:11:36 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web1
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-095a05c0a876e7607
x-sbe: feeds_zrh4_web1
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543543
x-varnish: 128436187 138100086, 156476337
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543547 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
770 B 50ms
50ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543547

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

32379ce7bc2a772556ae9a275cf220d1a95550392e189bd9c5b17c507c77efd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-qryhirqv
content-length: 123
x-feeds-fv: feeds-prod-euc1-fvauto-06f585a845e455521
last-modified: Sun, 29 Jan 2023 15:42:09 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web07
etag: W/"1a7f47cc5281f290ae2ec1e7f6ffa4210f494b20"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 140656094 140525755, 43912198 36178575
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:42:09 GMT

GET
H2

200

34543547 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543547
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543547

951 B
997 B

55ms
55ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543547

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

14e9cbed88bde5b82da5cf812e9b40487e6ccae5c78ac6d0d0dd748a111ca23e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-mznnsjaz
content-length: 348
x-feeds-fv: feeds-prod-euc1-fvauto-00e2d3f5c245ac7b5
last-modified: Sun, 29 Jan 2023 15:43:01 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web10
etag: W/"748c6f3888ff57c43c40ed6f742f72d69b1a84bd"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 129087643 120250986, 185648268 176471428
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:43:01 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-narlgiqb
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0183d8cdca2d7ccd8
x-sbe: feeds_web04
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543547
x-varnish: 137636576 137961188, 592433317 592688155
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543549 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 9 KB
2 KB 112ms
112ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543549

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

79c0ed2a338a1b5106de5213aca682f7c3c9018780f2895726180078b637b454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-gogkqhag
content-length: 1635
x-feeds-fv: feeds-prod-euc1-fvauto-0c40f02be67370ceb
last-modified: Sun, 29 Jan 2023 14:15:43 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web11
etag: W/"30e7d227252c0ecd587949baf5f9e8cdb366710b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 116564722 117414144, 86500081 34568150
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 17:15:43 GMT

GET
H2

200

34543549 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543549
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543549

955 B
1014 B

45ms
45ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543549

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

17074289b1e4513402b9dbbf776f4bfc7a5c366b4cdc1c3e65d0642027210814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2a02:2454:3e9:f000:1682:2b1e:32cf:2385
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web3
content-length: 348
x-feeds-fv: feeds-prod-euc1-fvauto-0b39e6de47dd98fb7
last-modified: Sun, 29 Jan 2023 14:16:16 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web3
etag: W/"90ce02911ece66cb0a4a5941b62856534dcb1fa4"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 761624065 763939265, 894452403 893304350
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 17:16:16 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-dermpluc
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0c9bc1005097c5790
x-sbe: feeds_web13
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543549
x-varnish: 153237810 155791116, 89174491 50816808
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543555 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
765 B 55ms
55ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543555

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

40c2f1a142209434f6fcd4c5563803c8cda86229d571e5406911cf57fdf11f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar08
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-xcvoyzca
content-length: 122
x-feeds-fv: feeds-prod-euc1-fvauto-0428e647935b15161
last-modified: Sun, 29 Jan 2023 15:14:28 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web09
etag: W/"d0ce98e2f5f2995c988c3136b4326d5a0768c135"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 11625172 17843280, 135943154 133246593
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:14:28 GMT

GET
H2

200

34543555 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543555
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543555

955 B
975 B

38ms
38ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543555

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

6c240e013d484ff06a3e583e643801a6f1fecee551e6ad2f1401e1e8290d241f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar08
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-iyofnzoo
content-length: 339
x-feeds-fv: feeds-prod-euc1-fvauto-01ffd1616ae427b82
last-modified: Sun, 29 Jan 2023 15:19:15 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web15
etag: W/"7e87d8470f8c36fd43f71049f282f7690bfb3b05"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 21414103 17485846, 544908178
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:19:15 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-wbxwrnrz
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0a53a0ae8815c30cf
x-sbe: feeds_web08
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543555
x-varnish: 152158300 140943938, 78989976
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543553 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
764 B 54ms
54ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543553

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

862e8a502a8a2ef54089f5e4f0eaf5db81ffa2863c678b15844f80749f42df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-dergvdbg
content-length: 122
x-feeds-fv: feeds-prod-euc1-fvauto-0ccfb5b327bf9022f
last-modified: Sun, 29 Jan 2023 15:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web02
etag: W/"9f72c0e81136322c9f4655ce257821e709fe565c"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 136130394 129876747, 55843807 54857779
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:10:33 GMT

GET
H2

200

34543553 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543553
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543553

955 B
987 B

42ms
42ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543553

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

a9bf62d53accabdf7aca53d3ff5e17c2b3754fabceebfe742fffbdfdd4272b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web2
content-length: 340
x-feeds-fv: feeds-prod-euc1-fvauto-0621c0bd11afdba4f
last-modified: Sun, 29 Jan 2023 15:11:15 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web2
etag: W/"9a9ae756edfb43371f60547c90c3d5ad16791f9f"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 130901000 138610637, 263979988 177626321
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:11:15 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web3
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0b39e6de47dd98fb7
x-sbe: feeds_zrh4_web3
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543553
x-varnish: 145167504 137348351, 892651717
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543551 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
765 B 79ms
79ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543551

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

7df9b5cdf2df92d6a082ee864cfd1c4371a770b43648f0cbc54276a523faed3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-xcvoyzca
content-length: 123
x-feeds-fv: feeds-prod-euc1-fvauto-0db7755b600b2ff77
last-modified: Sun, 29 Jan 2023 15:51:13 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web09
etag: W/"ec9c3d0c68de671da7496ffe5328eff749901801"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 159809559 137813997, 123757654
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:51:13 GMT

GET
H2

200

34543551 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543551
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543551

955 B
998 B

48ms
47ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543551

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

f4294322b01913d480ff8102056f138383e54611fbeb1e8fc56a9dcd4a0001b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-narlgiqb
content-length: 350
x-feeds-fv: feeds-prod-euc1-fvauto-0c8145b987b450364
last-modified: Sun, 29 Jan 2023 15:55:13 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web04
etag: W/"657d9d6c996db1dc2a431166d631a0c6675c8b9b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 136816207 125327758, 61746119 53930720
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:55:13 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web6
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0a53a0ae8815c30cf
x-sbe: feeds_web_extra2
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543551
x-varnish: 155950381, 79865303 79013813
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543557 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 2 KB
1 KB 90ms
90ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543557

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

b855b0af3ff33d653ce5c7da9b3c8fbdfc31f92cfa420e58a215958a0976d92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-hfhmiray
content-length: 546
x-feeds-fv: feeds-prod-euc1-fvauto-0c40f02be67370ceb
last-modified: Sun, 29 Jan 2023 16:26:07 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web06
etag: W/"688b57608c0ec7030acecac9f3b19cd4098c11aa"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=57
x-varnish: 1017813443 1016765664, 82267035
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 16:27:07 GMT

GET
H2

200

34543557 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543557
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543557

953 B
994 B

106ms
106ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543557

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

dd9e3c94f27a0c8a8a0e4362bd6a9a5437997ce69eb19c2a8485cf0dd7ba6b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web6
content-length: 342
x-feeds-fv: feeds-prod-euc1-fvauto-0621c0bd11afdba4f
last-modified: Sun, 29 Jan 2023 16:24:08 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra4
etag: W/"34e28b02f924cd8deb9ef735ca45b42b29494c29"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 800485708 820426826, 274682593 277650321
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 16:29:08 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ixniufmx
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-00e2d3f5c245ac7b5
x-sbe: feeds_web12
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543557
x-varnish: 812085219 1011764641, 187934880 184731777
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34543559 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 2 KB
1 KB 63ms
63ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34543559

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

f84d4f321fbbed05df38f3b8907d2212f5e763e91edd7852c5f185f8f8472b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web3
content-length: 548
x-feeds-fv: feeds-prod-euc1-fvauto-0ccfb5b327bf9022f
last-modified: Sun, 29 Jan 2023 16:26:01 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh5_web3
etag: W/"e27f9177bafb08bc96cff878e3aff83d68ab52f4"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=55
x-varnish: 813922747 816536776, 71370551 70427188
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 16:27:01 GMT

GET
H2

200

34543559 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34543559
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543559

951 B
997 B

53ms
53ms

XHR
application/json

2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34543559

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

057f4ad4b2fe160a4ed45d9ced9b8110b38ab2c646dc804cdb0018020f31b453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web5
content-length: 345
x-feeds-fv: feeds-prod-euc1-fvauto-0d0ac16fa511a1073
last-modified: Sun, 29 Jan 2023 16:22:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra1
etag: W/"d46f7021a1c9ac808d00e90bbb9f00a2f0640393"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 1018792101 997309235, 986645627 983944478
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 16:27:11 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web1
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-095a05c0a876e7607
x-sbe: feeds_zrh4_web1
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34543559
x-varnish: 1005746961 1005125087, 139258736 154087689
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 39ms
7ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 158ms
125ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b9a6f084-9f33-494d-a6ab-6d6e9cf1b524&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5cb677cf-b0fa-4d36-a0cb-e0a0806532ba&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 112
date: Sun, 29 Jan 2023 16:26:40 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: bc025effe9f048ec
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: cda12fcde826a4d993e25deb6bfc560e2ad7f167eebf49fe9f3f85489f3dc5ed
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 338ms
117ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b9a6f084-9f33-494d-a6ab-6d6e9cf1b524&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5cb677cf-b0fa-4d36-a0cb-e0a0806532ba&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 29 Jan 2023 16:26:40 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5448d30f3004773f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 31fcb597a79096eb38a8c031a3c88ae2c676e95df1e26c06614d06c18c67480b
content-length: 43

GET
H2

200

activityi;dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame D4DF
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww....

409 B
569 B

50ms
50ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

1573d84e662ad2010eec3595222fdd0e6e139f67e8dda89c23305d1a3c0232dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 232
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 16:26:40 GMT
expires: Sun, 29 Jan 2023 16:26:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 16:26:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
1 KB 84ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1675009600802&cv=11&fst=1675009600802&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&auid=779666493.1675009601&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a752623bd52b52114ab2993d77b724520e3c11b943311313d257dcf578427bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 34543539 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 44ms
44ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34543539

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

d249ace5e21f137edd113dd97cb31e2b09fc3c02d54725a7220b5fd9a4ff7652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web6
content-length: 1984
x-feeds-fv: feeds-prod-euc1-fvauto-03c2ddd0a62c7240d
last-modified: Sun, 29 Jan 2023 15:15:04 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra2
etag: W/"c44c6df4d7dce211b15ad4be24b23a640deecfe9"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 140643162 136386446, 162411425 160781586
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:15:04 GMT

GET
H2 200 34543541 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 76ms
75ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34543541

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

da29e81b701bae6b2264e8114781bcc6a3f30df7952ce0eeb389ec10d909e737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 168.119.64.251
x-srv: fishnet-prod-feedsbackvar06
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web6
content-length: 1961
x-feeds-fv: feeds-prod-euc1-fvauto-07ce831861c61e8c2
last-modified: Sun, 29 Jan 2023 15:11:00 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra2
etag: W/"8c3d1e5f8f5e4e7d3d69097ff350ce7ebe61c102"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10798
x-varnish: 36716171 856444845, 532694946 524711263
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:11:00 GMT

GET
H2 200 34543545 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 51ms
51ms XHR
application/json 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34543545

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

203a2939ad33b6789f13f317076f02fa3dd610d7a02e1fc5a9a57a0eb7ab40a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:26:40 GMT
xip: 2001:ac8:20:272::2e
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ixniufmx
content-length: 1931
x-feeds-fv: feeds-prod-euc1-fvauto-07ce831861c61e8c2
last-modified: Sun, 29 Jan 2023 15:08:12 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web12
etag: W/"b89223475c6b7e3d56f80c83c0697a5d3f43e6fc"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10798
x-varnish: 122525016 156630034, 548601535 532195309
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 29 Jan 2023 18:08:12 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/ 36 B
378 B 52ms
7ms XHR
application/json 2600:9000:206f:6000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:56:16 GMT
content-encoding: gzip
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1824
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: KzziBdbTLPPd4zxbxXxujvO6RXOzNZ1hDQ28PFiRKKibOz2LDmP_QQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1675009600821&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1675009600821%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1675009600821&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1675009600821&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQJRFBhpcGKwIgAAAYX-Wi80xoHKupWlmCE0jPQpO1P8...

0
266 B

229ms
177ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1675009600821&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQJRFBhpcGKwIgAAAYX-Wi80xoHKupWlmCE0jPQpO1P8jDztxoeiEMfmakfZ5TJ37Ezt_OA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C2FD5BF2B9734EC68DEBCC6959E47C89 Ref B: FRAEDGE1805 Ref C: 2023-01-29T16:26:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzaZBLy6JNpqLhpG2nCw==

Redirect headers

date: Sun, 29 Jan 2023 16:26:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4A514952A82F4C07A6B4BF6DD649661D Ref B: FRAEDGE1407 Ref C: 2023-01-29T16:26:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1675009600821&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQJRFBhpcGKwIgAAAYX-Wi80xoHKupWlmCE0jPQpO1P8jDztxoeiEMfmakfZ5TJ37Ezt_OA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzaZBISpybSebzY9guFQ==

GET
H2 204 13008914.js Show response
bat.bing.com/p/action/ 0
117 B 113ms
113ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 29 Jan 2023 16:26:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BF0F5DDA136486DB78F6376678A0627 Ref B: FRAEDGE1313 Ref C: 2023-01-29T16:26:40Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=df657e03-5011-4687-9b75-9588cb33fc17&sid=b607b4809ff111edacf991a19cfcba33&vid=b607c8509ff111ed8f7bdba416ee4631&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Toronto%20Star%20-%20Breaking%20News,%20Toronto%20News,%20Ontario%20News,%20Canada%20News&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=640&evt=pageLoad&sv=1&rn=226923

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 29 Jan 2023 16:26:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E429FBCEA614854A3FE72FEE4EA19FB Ref B: FRAEDGE1313 Ref C: 2023-01-29T16:26:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 134ms
103ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1675009600835&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=c19de691-55d1-4e97-9ba9-12c9a11e6e80&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:40 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 3681.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 129ms
18ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3681.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1b03"
content-type: image/png
x-varnish: 74293749 74337635
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6915
expires: Mon, 30 Jan 2023 16:26:40 GMT

GET
H2 200 3686.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 125ms
15ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3686.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1af6"
content-type: image/png
x-varnish: 75063061 74691741
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6902
expires: Mon, 30 Jan 2023 16:26:40 GMT

GET
H2 200 3699.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 122ms
16ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3699.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
server: nginx/1.10.3
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1257"
x-varnish: 328714934 328775472
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4695
expires: Mon, 30 Jan 2023 16:26:40 GMT

GET
H2 200 3676.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 119ms
13ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3676.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-1707"
content-type: image/png
x-varnish: 641795547 639585689
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5895
expires: Mon, 30 Jan 2023 16:26:40 GMT

GET
H2 200 3683.png
img.sportradar.com/ls/crest/medium/ 7 KB
8 KB 112ms
27ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3683.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1dd7"
content-type: image/png
x-varnish: 462300390 459927138
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7639
expires: Mon, 30 Jan 2023 16:26:40 GMT

GET
H2 200 794340.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 89ms
26ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/794340.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:40 GMT
last-modified: Thu, 23 Sep 2021 14:22:12 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web1
etag: "614c8d94-1299"
content-type: image/png
x-varnish: 504728694 499057416
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4761
expires: Mon, 30 Jan 2023 16:26:40 GMT

GET
H2 200 3696.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 19ms
14ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3696.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b9-1327"
content-type: image/png
x-varnish: 463605356 462438054
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4903
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3697.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 17ms
13ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3697.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2b226e5d93065073bd670913a90719666f054e802a7449f347f9368c40a13d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b9-1204"
content-type: image/png
x-varnish: 463548219 462093529
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4612
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3690.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 34ms
30ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3690.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d4a5c90a048bebcddcc6b7e41008af3f42bb578a6d75438bce4e05da12b57c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
server: nginx/1.10.3
x-sbe: logos_prod_web1
etag: "5dd2a1b8-19d8"
content-type: image/png
x-varnish: 14772401 14220796
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6616
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3700.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 20ms
15ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3700.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx/1.10.3
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1788"
content-type: image/png
x-varnish: 243744241 244303708
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6024
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3678.png
img.sportradar.com/ls/crest/medium/ 9 KB
9 KB 19ms
15ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3678.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

09a36f051aa6f025ec810e84879c542995efba9e5bf8d362acb1fcfa730a866d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
server: nginx/1.10.3
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
x-sbe: logos_prod_web1
etag: "5dd2a1b8-222f"
x-varnish: 316984289 314943663
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8751
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3689.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 25ms
21ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3689.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-17cf"
content-type: image/png
x-varnish: 123043883 122476564
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6095
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3698.png
img.sportradar.com/ls/crest/medium/ 10 KB
10 KB 29ms
25ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3698.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fa94fbaa578830445a67c013ef7c5fa47cd7a5e7ae96da6acef038ed86629e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Fri, 15 Oct 2021 14:50:01 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web1
etag: "61699519-27cc"
content-type: image/png
x-varnish: 581783300 580283854
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10188
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3675.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 33ms
29ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3675.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

079e1954d6a209a39d6f85006b4059af195a1b183d84ce680d334b3f2eed7f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
server: nginx/1.10.3
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
x-sbe: logos_prod_web1
etag: "5dd2a1b8-18e5"
x-varnish: 12718771 12591270
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6373
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 main.f6304d83.js Show response
s.pinimg.com/ct/lib/ 55 KB
19 KB 131ms
130ms Script
application/javascript 2a02:26f0:dc:39f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.f6304d83.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:39f::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7baf4ac1cb2adf82ed9e88c9fa1b22f8ea22e14cf2aa24e9936c6578515e70ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fe9b810e040cd8cd5323a13c712440ca"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19456

GET
H2 200 3691.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 24ms
20ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3691.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1391055c5b722a3da6707ead294507ace2df3db7891cccb53a94441f794fd33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1323"
content-type: image/png
x-varnish: 463548211 463110602
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4899
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3693.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 30ms
27ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3693.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
server: nginx/1.10.3
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
x-sbe: logos_prod_web2
etag: "5dd2a1b8-198d"
x-varnish: 14846745 13741899
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6541
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 344158.png
img.sportradar.com/ls/crest/medium/ 4 KB
5 KB 32ms
28ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/344158.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4b4755891f4348259eb539dc24de8619237f19734d0e34f8ffe73ae3d4a8e93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:47 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b7-1108"
content-type: image/png
x-varnish: 75949734 74668128
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4360
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3703.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 26ms
22ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3703.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3db3fdae0e2be13c8acc57ed679246d27616e65d48bc7f2b050b21076a13c452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b9-1c84"
content-type: image/png
x-varnish: 512289687 511595063
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7300
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3688.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 22ms
18ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3688.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e69846be1be704e8c2324dc7ca9e439a496a67d203a9322f1d2ab7ca5031f001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server: nginx
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1645"
content-type: image/png
x-varnish: 75641005 74594623
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5701
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3694.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 24ms
21ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3694.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5256e20d2385d02616639e72c3bc01f6b1ffbe75c2838d82cd25b93d0a35e1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
server: nginx/1.10.3
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1648"
x-varnish: 14530571 14616318
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5704
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1675009600802&cv=11&fst=1675008000000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=878966604&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698108511/ 42 B
154 B 22ms
22ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108511/?random=1675009600802&cv=11&fst=1675008000000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=878966604&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3677.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 22ms
19ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3677.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
server: nginx/1.10.3
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1b1f"
x-varnish: 289931421 289704326
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6943
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 3680.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 34ms
31ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3680.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

306a5803d8d3c092d2c56e3e4351171230585330e43ce1862b80f0901e58db3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 16:26:41 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
server: nginx
x-sbe: logos_prod_web1
etag: "5dd2a1b8-181e"
content-type: image/png
x-varnish: 465238519 464087814
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6174
expires: Mon, 30 Jan 2023 16:26:41 GMT

GET
H2 200 dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
adservice.google.com/ddm/fls/z/ Frame D4DF 42 B
401 B 132ms
57ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CP2dh4KZ7fwCFRfBOwId_2AElg;src=10230056;type=ret01;cat=land01;ord=7465780114471;gtm=2od1p0;auiddc=779666493.1675009601;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
988 B 85ms
85ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1675009601029&cv=11&fst=1675009601029&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&auid=779666493.1675009601&uamb=0&uaw=0&data=event%3Dform_start&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d4ff6931c1d8f9c5b7770634ea09d1dd0ec63e088cec8e7ba94d2d1aab2e928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 917
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
989 B 25ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1675009601036&cv=11&fst=1675009601036&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&auid=779666493.1675009601&uamb=0&uaw=0&data=event%3Dform_submit&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46beb43876b754e51152b513ce523be4b9696b46eab7646d9be7533c66306381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 918
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 11B2 0
72 B 8ms
7ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.thestar.com
Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 16:26:41 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
855 B 329ms
49ms XHR
application/json 104.111.216.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612846434758&cb=1675009601051&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f6304d83.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.64bb1002.1675009601.24d389ea
x-envoy-upstream-service-time: 1
content-length: 375
x-pinterest-rid: 1409413686358744
pin-unauth: dWlkPVl6Qm1NamhtWmpFdE5qSmtNUzAwT0RkaExUbGxaVEl0TWpJM00ySTFPR1E0WkRabQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 324ms
53ms Image
image/gif 104.111.216.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1675009601059

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:41 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.64bb1002.1675009601.24d389ec
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 5732538815789666
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1675009601036&cv=11&fst=1675008000000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dform_submit&fmt=3&is_vtc=1&random=2367825457&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/698108511/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108511/?random=1675009601036&cv=11&fst=1675008000000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dform_submit&fmt=3&is_vtc=1&random=2367825457&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1675009601029&cv=11&fst=1675008000000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dform_start&fmt=3&is_vtc=1&random=1003779806&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/698108511/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108511/?random=1675009601029&cv=11&fst=1675008000000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dform_start&fmt=3&is_vtc=1&random=1003779806&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 s32949139425345 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LCXS/ 43 B
329 B 18ms
18ms XHR
image/gif 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LCXS/s32949139425345

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 16:26:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 30 Jan 2023 16:26:41 GMT
server: jag
etag: 3597055730069504000-4619398873968146269
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sat, 28 Jan 2023 16:26:41 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
461 B 97ms
57ms XHR
text/javascript 13.224.191.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=1rhaMeylzSvjd&cb=0&ws=1600x1200&v=23.123.1617&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-9%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-10%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-11%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-12%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.191.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-191-98.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: EM622B1CWK3ND4766G21
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: AEEcIjZsx9tigIpZzqrfFVKCVcUAJIx5sGmtNtup9mAhM0QxngovmQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 78ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 45ms
44ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
10 KB 342ms
341ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2533193116589808&correlator=851640953871892&eid=31071821%2C31071972%2C31071578&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=1x1%2C728x90%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C300x250%7C300x600%2C134x170%2C134x170%2C134x170%2C134x170&ifi=1&adks=2173569469%2C1887631228%2C1330620275%2C3893840796%2C3893840797%2C3893840798%2C3893840799%2C1330620276%2C2480448003%2C4090677273%2C4090677272%2C4090677279&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dundefined%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26tkspo%3D16%26env%3Dbeta%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cgs_entertain%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_politics%252Cgt_mixed%252Cgv_crime%252Cts_bz_ndstry_gnrl%252Cpr_test%252Cgs_politics_misc%252Cgs_sport%252Cts_ent_evnt_attr_gnrl%252Cgv_death_injury%252Cts_pl_nws_lctns_cnd_prvncl%252Cgs_home_property%252Cts_tmtv_ntrst_n_gnrl%252Cts_fmly_prntng_gnrl%252Cts_sprts_tlvsd_gnrl%252Cts_sprts_tlvsd_smmr_lympcs%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub%26prmtvsdk%3Dweb&sc=1&cookie_enabled=1&abxe=1&dt=1675009601656&lmt=1675009601&dlt=1675009597717&idt=1192&adxs=0%2C436%2C1059%2C436%2C436%2C436%2C436%2C245%2C244%2C528%2C812%2C1096&adys=0%2C0%2C972%2C3256%2C4836%2C6592%2C7972%2C2238%2C3424%2C3424%2C3424%2C3424&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&psz=1600x0%7C1600x-1%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C260x0%7C260x0%7C260x0%7C260x0&msz=1x-1%7C1600x-1%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C260x0%7C260x0%7C260x0%7C260x0&fws=0%2C512%2C512%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1504040696.1675009599&ga_sid=1675009602&ga_hid=9532874&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef39d4c25f1174bd52141dfefa1ee1c38856305673e10ca4c7af6423ea24df03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10601
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-1,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-1,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6565346e768da3ccab6a9010f3702569.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 24B6 6 KB
3 KB 119ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6565346e768da3ccab6a9010f3702569.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 16:26:41 GMT
expires: Mon, 29 Jan 2024 16:26:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame DDE3 12 KB
12 KB 30ms
30ms Document
text/html 54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=21dfbc9c-0b73-4b45-844d-c9a17661b707&publisherId=TKN100000001&siteId=4204204311&cb=1675009599308&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 11885
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 16:26:42 GMT
expires: 0
last-modified: Thu, 26 Jan 2023 14:19:18 GMT
pragma: no-cache
vary: Origin

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame DDE3 4 KB
5 KB 30ms
30ms XHR
text/plain 54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=21dfbc9c-0b73-4b45-844d-c9a17661b707&publisherId=TKN100000001&siteId=4204204311&cb=1675009599308&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 91b23ce3bbd5e78d19b995ca4a9904245997bc08551e9010aef7a920c3f61564

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=21dfbc9c-0b73-4b45-844d-c9a17661b707&publisherId=TKN100000001&siteId=4204204311&cb=1675009599308&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:42 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DDE3 70 B
265 B 110ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 29 Jan 2023 16:26:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=e2198559-0755-448e-be75-75fa3b1b21d7

0
376 B

29ms
29ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=e2198559-0755-448e-be75-75fa3b1b21d7
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=e2198559-0755-448e-be75-75fa3b1b21d7
date: Sun, 29 Jan 2023 16:26:42 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 151
content-type: text/html; charset=utf-8

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3226327988804076983705

0
494 B

31ms
31ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3226327988804076983705
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3226327988804076983705
date: Sun, 29 Jan 2023 16:26:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame DDE3 0
277 B 93ms
15ms Image
text/plain 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 29 Jan 2023 16:26:42 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame DDE3 0
239 B 148ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 298D 16 KB
6 KB 97ms
22ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=21dfbc9c-0b73-4b45-844d-c9a17661b707&publisherId=TKN100000001&siteId=4204204311&cb=1675009599308&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=68516
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 29 Jan 2023 16:26:43 GMT
expires: Mon, 30 Jan 2023 11:28:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 298D 2 KB
3 KB 126ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34032257&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 722b646e8d5b77c1bc2d7de4564e4b06b0203d58d3a477a1ffe250d74093902b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 16:26:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 49A4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent=

35 B
468 B

25ms
24ms

Document
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 29 Jan 2023 16:26:43 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sun, 29 Jan 2023 16:26:43 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 177D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:553763d6-9e43-4a00-befb-7753d337e8c4&gdpr=0&gdpr_consent=

42 B
557 B

131ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:553763d6-9e43-4a00-befb-7753d337e8c4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 29 Jan 2023 16:26:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 29 Jan 2023 16:26:43 GMT
Expires: Sun, 29 Jan 2023 16:26:42 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 404 ce67235 master cdg-pixel-x30 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:553763d6-9e43-4a00-befb-7753d337e8c4&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 55A6
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8733455583751861714

42 B
424 B

31ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8733455583751861714
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 29 Jan 2023 16:26:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8733455583751861714
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame A81C 43 B
363 B 227ms
17ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 16:26:43 GMT
expires: Sun, 29 Jan 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 683358
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 201C
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4

42 B
421 B

124ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 29 Jan 2023 16:26:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 29 Jan 2023 16:26:43 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame C6E8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

205ms
205ms

Document
image/gif

67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 29 Jan 2023 16:26:43 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: G1TQ69J39126EDMFS379

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 29 Jan 2023 16:26:43 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 1T669VCS78DZK74FT4YX

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 298D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Z9i-BvjrSiGZXC77pr86Bg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

22ms
22ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:43 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=68516
accept-ranges: bytes
content-length: 5554
expires: Mon, 30 Jan 2023 11:28:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f2652e944c7bbf1b/gdpr=0/ Frame 298D
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f2652e944c7bbf1b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
265 B

125ms
31ms

Image
image/gif

34.248.202.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f2652e944c7bbf1b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 34.248.202.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-202-189.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.54
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f2652e944c7bbf1b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 298D
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&addseg=19,36,42

0
0

107ms
15ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Sun, 29 Jan 2023 16:26:43 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 298D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjdEOEJFMDYtRjhFQi00QTIxLTk5NUMtMkVGQkE2QkYzQTA2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

48ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 29 Jan 2023 16:26:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 298D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB6SPa9EMcYB8q3iTFiBSIc&google_cver=1

42 B
298 B

46ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB6SPa9EMcYB8q3iTFiBSIc&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 29 Jan 2023 16:26:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB6SPa9EMcYB8q3iTFiBSIc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 298D 43 B
612 B 66ms
15ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:43 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 28 Jan 2023 16:26:43 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 298D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2363075568268335670

42 B
219 B

83ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2363075568268335670
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 29 Jan 2023 16:26:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2363075568268335670
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 298D 70 B
264 B 36ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 29 Jan 2023 16:26:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=2363075568268335670

0
602 B

30ms
29ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=2363075568268335670
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=2363075568268335670
date: Sun, 29 Jan 2023 16:26:43 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame DDE3 0
35 B 42ms
7ms Image
text/plain 18.195.181.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.181.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-181-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:44 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=1...
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y9aeRGf89YHZLS-NFiBmgwAA%261220

0
724 B

39ms
39ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y9aeRGf89YHZLS-NFiBmgwAA%261220
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTqN%2FFnY9kW8D8codVc9tjN4nM5UiCJwYOFI2fgjQoRB9PyEpfLNyfDUPireMzu5a6dsGkjUUro3aghnogqua3RpCw1kAn2p2jc%2BaNXbPhccb%2F099maMBfCDh%2FX2966PISxjMdiF"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y9aeRGf89YHZLS-NFiBmgwAA%261220
cache-control: no-cache
cf-ray: 791354c9bf802c2d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 24ms
24ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Sun, 29 Jan 2023 16:26:44 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 26ms
25ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 29 Jan 2023 16:26:44 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 0F96 565 B
591 B 50ms
50ms Document
text/html 104.111.216.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f6304d83.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.64bb1002.1675009604.24d399d2
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 16:26:44 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 5728803774822894

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 93ms
57ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c880ab8c8fd39b74cf5af4164f8bc5b65cea156e2462893c6d6cc89d92186029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11199
x-xss-protection: 0

GET
H2 200 B24540798.279406836;sz=1x2;ord=174698883538 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 34 KB
13 KB 69ms
68ms Script
text/javascript 142.250.180.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=174698883538?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f6.1e100.net

Software

cafe /

Resource Hash

97d52298470bad459b73c596a64012e99c919440ca7a06c4bb497d049f7bd9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12884
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
39 KB 44ms
43ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec3ae47d1eca2b6aedac10f63a8887567ff9102b8c8bb86add3877a918614cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40103
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Jan 2023 16:26:44 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-wGWPyvVE2uFuX.ANlmQNrAhsi6leNT.5YY9482k-~A&gdpr=0

0
861 B

33ms
32ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-wGWPyvVE2uFuX.ANlmQNrAhsi6leNT.5YY9482k-~A&gdpr=0
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-wGWPyvVE2uFuX.ANlmQNrAhsi6leNT.5YY9482k-~A&gdpr=0
date: Sun, 29 Jan 2023 16:26:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ 8 KB
3 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=174698883538?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 20:35:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
0 83ms
47ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsue4rsqCDZaBKb5W7BDdW5CLvOn4y5Iq1FKhzvD0ChS8V53eKczYT8j08GW8Bfzd3kRpw0Vthsqr3rckXlB1vph5tBmGMXPAlZSMLA8GgOkOajY-KtvR9lgwzZcNLje-fJ-AfRVJlPblbzl02i3ZzkJqyQ-nNc7nA&sai=AMfl-YSNjkaKpmjYTaSDzvH7a5HszULFA6ZspkGSdVsA7DEj7MmuK4aIx3QEWITEQ-l_GtkQCCuW3CRFk6dYiVSbPKN5Mte3XUPx7I4BxK_t&sig=Cg0ArKJSzEVi510pcTXwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20230124.17846&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=174698883538?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 16:26:44 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 143ms
62ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 16:26:44 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE3F 13 KB
5 KB 27ms
21ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 199362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 09:04:02 GMT
expires: Sat, 27 Jan 2024 09:04:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EE18 783 B
537 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee4f040c51723cfc7551b8b966c9f23475ca5647aaf1b585933118aefcef1829

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6ZDqQt9PZV4J2T4cOQ5WLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-6ZDqQt9PZV4J2T4cOQ5WLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 16:26:44 GMT
expires: Sun, 29 Jan 2023 16:26:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EE18 0
0 43ms
42ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=2533193116589808&rc=05AOOcfwsROtWW8cFOYpBDMLXcg0jMpG0iN7spo1gNXskM3-IGhtLWrzrL0l75-lmx6-wuAqHtNgGZU-ovH5-fIIvboVz_I10KJgTQpimHpNnOTUGBC_RPRWhb9pNgL1o8-EAcHVmE7eA1cUFIncL5wWTcD05MoFZKCsWRW_jOsbgf4h6cmZhWAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 Ndpca2HbatLwKNxS7dvlJFKe5fdM9rHtoHQTHStku2E.js Show response
pagead2.googlesyndication.com/bg/ Frame BE3F 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ndpca2HbatLwKNxS7dvlJFKe5fdM9rHtoHQTHStku2E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35da5c6b61db6ad2f028dc52eddbe524529ee5f74cf6b1eda074131d2b64bb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14214
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 14:20:48 GMT

GET
H/1.1 200
OK PrebidServer
crb.kargo.com/api/v1/dsync/ Frame DDE3 43 B
360 B 65ms
7ms Image
image/gif 3.64.129.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.129.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-129-233.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 16:26:44 GMT
X-Accel-Expires: 0
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BE3F 0
10 B 22ms
22ms Image
text/plain 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3XNniQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET 101995
dmx.districtm.io/s/v1/img/s/ Frame DDE3 0
0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=1be8ea3f-23c3-4ec0-a38b-efabbee28a8d

0
979 B

29ms
29ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=1be8ea3f-23c3-4ec0-a38b-efabbee28a8d
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:43 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=1be8ea3f-23c3-4ec0-a38b-efabbee28a8d
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: k03b3811l4udpc187jro901go46crs9u

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3984613629620542077

0
1 KB

34ms
33ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3984613629620542077
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=3984613629620542077
date: Sun, 29 Jan 2023 16:26:44 GMT
content-length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=090660a1-bd78-43b7-80e3-d61132f4d8a8

0
1 KB

30ms
30ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=090660a1-bd78-43b7-80e3-d61132f4d8a8
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=090660a1-bd78-43b7-80e3-d61132f4d8a8
date: Sun, 29 Jan 2023 16:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=2533193116589808&bg=!JiWlJWHNAAZSrDxfcqw7ACkAdvg8WpclSDlrw99hq8XrQ1uTHsP1nC0CV5Zzg1suKuLS-akFAMUnjwIAAABEUgAAAANoAQeZArAwGJKzl8aMJV81eLv_kUIYs7RqiM1Dg0F2W0-2qq4xcTonNpF1HPumRgJHYxgDoGejQ-RxXurot-3XRz5l8j1SeYrvI-FvL78N-ABnKiCimLIORPZEdXjDS3PlST4uewiWXwgOa4uo3E0p7Tlj5KkIuOeszITIri0-cxr5JnveeDEvGwhOXBdfGAs1qG9eYtNo_yQT4YYsb55ufyorCTpZFhYGvwc11Zu0HQfTzptNMtdTvE1WCZf9NLs3ZsXh7Fju5xSMX1iW44hz5ReFM_X4CzKgWEoWrmj3c6ReYdbP1hXtej1OXsYKhKpJQ2xGSJ6iF6fS-UhHklQnCRcOvTSJVnSe4Bspks7NUHzln5pmmnIhyzywPb1LMvGEQWwxfSNMV0QZ3FvyzlUsyoXf4SYU7j9k5A90NmncBlv2D5e09dMPmap4iv03jgJB8lh8Cj-xGrqY__1HICP7uZc8WACV6namqlTLHaCAgKEpx48dxSsK3yj63Q6yLdNMlwE_AmP6RTkhtWhezlBbRsLmRrHLSaW5Hxq4nkmm2_CytE92YjVBOtu_R_HeUOTN8m8iz7jd9t3_n3V3MRkqwkpCfVodCHAaMZnnkShvoPai48IQQsW63PpuZ0IWNq-g1NfyyGGv9DEae85Tmq5Rpsq2-ZTzsHhNa7GFI6tY_dg6JjbUzRXfnu_XX9AbzfZLfEhI8jlP4vQtrbXgtofmaIM7SXrjIfTrRqSCO34ajvAEzP20FF_WgaHmghEhvP29MUgZAeKujI0vh2x2hrXlzQyEgDrDyCjzopafLsm0tbreLYNHJOB93Ij7NCBUC16AjVXPnUdDKrjy0ENbd32qKH9o7qA8B-Bi1-nel51UaGc9OYgC_KvyhigE7x_0zbk7o7oZM_CbDEzy2o_E5RGMUkGL3EB5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=006fb40c-d02f-4a11-961b-e54d6646aa0a

0
1 KB

32ms
32ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=006fb40c-d02f-4a11-961b-e54d6646aa0a
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=006fb40c-d02f-4a11-961b-e54d6646aa0a
access-control-allow-origin: *
date: Sun, 29 Jan 2023 16:26:45 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 298D 0
260 B 237ms
14ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:26:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADlPU7HrT0AACIJvLUfWg

0
1 KB

29ms
29ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADlPU7HrT0AACIJvLUfWg
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADlPU7HrT0AACIJvLUfWg
Date: Sun, 29 Jan 2023 16:26:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame DDE3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=570631288278613345

0
2 KB

29ms
29ms

Image
text/plain

54.220.90.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=570631288278613345
Protocol: H2
Server: 54.220.90.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-90-47.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 16:26:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Date: Sun, 29 Jan 2023 16:26:45 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.102; 146.70.117.102; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e2a6586b-dd5b-40d5-a954-fdc80d92a29f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=570631288278613345
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

308 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

111 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
n511.thestar.com/DG/DEFAULT	1970-01-20 18:52:49	Name: BCSessionID Value: 9fb94a7a-7202-4cd7-9231-3315a16989c8
torstar.blueconic.net/DG/DEFAULT	1970-01-20 18:02:25	Name: BCSessionID Value: 9fb94a7a-7202-4cd7-9231-3315a16989c8
www.google.com/recaptcha	1970-01-20 13:36:01	Name: _GRECAPTCHA Value: 09AOOcfwvmyTMEQ4FL-3R3x6Rfeg3yU59KsGde6tsE3r0GdhJR1gH1MCPy3nXkyrlATTZKqq6IvaSzQjs75C0EO68
www.thestar.com/	1970-01-20 18:02:25	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 18:02:25	Name: last_visit_bc Value: 1675009597858
.thestar.com/	1970-01-20 18:02:25	Name: bc_tstgrp Value: 2
.thestar.com/	1970-01-20 18:03:51	Name: _vwo_uuid_v2 Value: D93846A5CFACCB03A8477788B5FBA10EF\|30b5263f9ce8427d9f6b14c38c050a97
.thestar.com/	1970-01-20 11:40:49	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-20 18:52:49	Name: _vwo_uuid Value: D93846A5CFACCB03A8477788B5FBA10EF
.thestar.com/	1970-01-20 09:16:51	Name: _vwo_sn Value: 0%3A1
.thestar.com/	1970-01-20 11:26:25	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241675009597%3A9.51766161%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A1
www.thestar.com/	1970-01-20 10:00:01	Name: AccessToken Value: idv2ldhlgtohdkg6juaylxeq2t4hkzzrr
.thestar.com/	1970-01-20 13:37:27	Name: permutive-id Value: 172786cb-0af5-4c7a-a576-2b3903567585
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 11:26:25	Name: pxid Value: 3e4577bd-99f7-4b3d-a4e5-1a90165e9630
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 6766d7af-a5a4-4a2e-c8a4-defe97e66214
.thestar.com/	1970-01-20 18:02:25	Name: _ig Value: 06736a47-1994-4aa7-aed2-da175e6ea2a3
.thestar.com/	1970-01-20 09:16:51	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1675009598839%2C%22slts%22:0}
.demdex.net/	1970-01-20 13:36:01	Name: demdex Value: 25248230310320063220652621130009062680
.thestar.com/	1970-01-20 09:18:16	Name: _gid Value: GA1.2.1007964397.1675009599
.thestar.com/	1970-01-20 09:16:49	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 09:16:49	Name: _gat_UA-73335503-3 Value: 1
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
www.thestar.com/	1970-01-20 10:00:01	Name: _pbjs_userid_consent_data Value: 3524755945110770
.thestar.com/	1970-01-20 18:52:49	Name: local_ga_B4CQN4KW3R Value: GS1.1.1675009599.1.0.1675009599.60.0.0
.thestar.com/	1970-01-20 18:52:49	Name: local_ga Value: GA1.1.1504040696.1675009599
.thestar.com/	1970-01-20 18:52:49	Name: s_ecid Value: MCMID%7C25234190571039694640649527826468042514
.thestar.com/	1970-01-20 18:52:49	Name: _ga_6FZFMVVWVN Value: GS1.1.1675009599.1.0.1675009599.60.0.0
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1675009599076
.everesttech.net/	1970-01-20 18:02:25	Name: everest_g_v2 Value: g_surferid~Y9aePwAAAN1MawOJ
.dpm.demdex.net/	1970-01-20 13:36:01	Name: dpm Value: 25248230310320063220652621130009062680
.thestar.com/	1970-01-20 18:52:49	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19387%7CMCMID%7C25234190571039694640649527826468042514%7CMCAAMLH-1675614398%7C6%7CMCAAMB-1675614398%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675016799s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19394%7CvVersion%7C5.5.0
www.thestar.com/	1970-01-20 18:02:25	Name: selectedPersonalizedCategories Value: []
www.thestar.com/	1970-01-20 18:02:25	Name: personalizedListModeEnabled Value: true
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 18:46:13	Name: _parsely_visitor Value: {%22id%22:%22pid=c3e31843d238250ac371cccf4608bdd3%22%2C%22session_count%22:1%2C%22last_session_ts%22:1675009598839}
www.thestar.com/	1970-01-20 18:02:25	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 9fb94a7a-7202-4cd7-9231-3315a16989c8
torstar.blueconic.net/	1970-01-20 09:26:54	Name: AWSALBCORS Value: 9TdudB6DU7WtynJhVEiKSlmcw91y0VW4CEtSxbB4RJVkOxOsaOWQQFsZoXy2oiy/EH08ARR0Vdq+HHjHQozr3nqi6uZ5n8j9h5pl0reuP4PH4zQSndoKzVEXpD3d
.www.thestar.com/	1970-01-20 18:52:49	Name: ts_s_ecid Value: MCMID%7C25234190571039694640649527826468042514
.thestar.com/	1970-01-20 18:52:49	Name: _ga Value: GA1.2.1504040696.1675009599
.thestar.com/	1970-01-20 09:16:49	Name: _gat_sirwidgets_0 Value: 1
.thestar.com/	1970-01-20 11:26:25	Name: _fbp Value: fb.1.1675009600499.760614041
n511.thestar.com/	1970-01-20 09:26:54	Name: AWSALB Value: 92YXfwbBZyUW3ygGtsxLBgGqONKYyUsIwJiKXMlsGJD318v5qZ83v7UNr/h3LvpZDON4TW+5wfovtU+fRES7LWNVapUV/mqwe7XpOslRhDi7O21tqY+bCDjSM269
n511.thestar.com/	1970-01-20 09:26:54	Name: AWSALBCORS Value: 92YXfwbBZyUW3ygGtsxLBgGqONKYyUsIwJiKXMlsGJD318v5qZ83v7UNr/h3LvpZDON4TW+5wfovtU+fRES7LWNVapUV/mqwe7XpOslRhDi7O21tqY+bCDjSM269
.thestar.com/	1970-01-20 11:26:25	Name: _gcl_au Value: 1.1.779666493.1675009601
.thestar.com/	1970-01-20 09:18:16	Name: _uetsid Value: b607b4809ff111edacf991a19cfcba33
.thestar.com/	1970-01-20 18:38:25	Name: _uetvid Value: b607c8509ff111ed8f7bdba416ee4631
.thestar.com/	1970-01-20 11:26:25	Name: _rdt_uuid Value: 1675009600835.c19de691-55d1-4e97-9ba9-12c9a11e6e80
.bing.com/	1970-01-20 18:38:25	Name: MUID Value: 19F420D029566B0F3513327828846A98
www.thestar.com/	1970-01-20 09:18:16	Name: ln_or Value: eyIzMTE2ODY4IjoiZCJ9
.t.co/	1970-01-20 18:52:49	Name: muc_ads Value: 01936eaf-ef91-4316-b7cb-dbb887aa3b10
.doubleclick.net/	1970-01-20 18:38:25	Name: IDE Value: AHWqTUktkAwnLL16T4TylQSeA_Ry-7vfKVD4H69L1iIEn61uw96aFOg7qJSjn2eN0qo
.linkedin.com/	1970-01-20 10:00:01	Name: UserMatchHistory Value: AQLqQnL-R-tDWwAAAYX-Wi3DgrazV3BqmVk1mfls5racoalSJditxMdc5Y2OMP1QP1-7f2xrLdYtTA
.linkedin.com/	1970-01-20 10:00:01	Name: AnalyticsSyncHistory Value: AQL-Kv1Bjy0c6wAAAYX-Wi3DAsfwpXZ_4TqBEleJNUHW0axh-ZqPlD1ZXf-5-ASTFt6D52jwTY5eFMXuIQ1B7Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:02:25	Name: bcookie Value: "v=2&5901f636-1046-4835-803c-c30592b0c489"
.linkedin.com/	1970-01-20 09:18:16	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2464:u=1:x=1:i=1675009600:t=1675096000:v=2:sig=AQHLdiL2GySkVGJWKO9rZd34E8l3OdNl"
.twitter.com/	1970-01-20 18:52:49	Name: guest_id_marketing Value: v1%3A167500960103460818
.twitter.com/	1970-01-20 18:52:49	Name: guest_id_ads Value: v1%3A167500960103460818
.twitter.com/	1970-01-20 18:52:49	Name: personalization_id Value: "v1_4yTHCAz9MEFZDzGqX3S/fw=="
.twitter.com/	1970-01-20 18:52:49	Name: guest_id Value: v1%3A167500960103460818
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:02:25	Name: bscookie Value: "v=1&20230129162641c2e579c7-8fa6-4618-8d11-256954ab826bAQEXJOw30oDJbqTSfvp9d-nc-ppMKfo2"
.linkedin.com/	1970-01-20 13:36:01	Name: li_gc Value: MTswOzE2NzUwMDk2MDE7MjswMjHr2ew3S3kJPCl97th4EP8Mhkdn1agYCXslNZGVxrIhXQ==
.thestar.com/	1970-01-20 10:00:01	Name: s_nr Value: 1675009601280-New
.thestar.com/	1970-01-20 18:02:25	Name: s_nr2 Value: 1675009601280-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thestar.com/	1970-01-20 18:02:25	Name: _pin_unauth Value: dWlkPVl6Qm1NamhtWmpFdE5qSmtNUzAwT0RkaExUbGxaVEl0TWpJM00ySTFPR1E0WkRabQ
.thestar.com/	1970-01-20 18:38:25	Name: __gads Value: ID=cf8ed778a8b48844:T=1675009601:S=ALNI_MbcfO0pj1no_L2b6-mSOjUGRlCypA
.thestar.com/	1970-01-20 18:38:25	Name: __gpi Value: UID=00000bceb2111323:T=1675009601:RT=1675009601:S=ALNI_MariNB-_UjMOmHR4CpLzjDwDk0isA
.the-ozone-project.com/	1970-01-20 11:26:25	Name: ozone_uid Value: 2L0YjcKu7BHWLtYxbU51cKN6HyU
ads.avct.cloud/	1970-01-20 18:02:25	Name: uuid Value: e2198559-0755-448e-be75-75fa3b1b21d7
.3lift.com/	1970-01-20 11:26:25	Name: tluid Value: 3226327988804076983705
.pubmatic.com/	1970-01-20 18:02:25	Name: KADUSERCOOKIE Value: 67D8BE06-F8EB-4A21-995C-2EFBA6BF3A06
.pubmatic.com/	1970-01-20 11:26:25	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:18:16	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 11:26:25	Name: DPSync3 Value: 1676160000%3A219_221_201_197
.pubmatic.com/	1970-01-20 11:26:25	Name: SyncRTB3 Value: 1676160000%3A251_220_21_7_8_13_56_54_161%7C1676246400%3A35
.quantserve.com/	1970-01-20 11:26:25	Name: d Value: EP0BCwGVKPijAA
.quantserve.com/	1970-01-20 18:47:04	Name: mc Value: 63d69e43-716a9-0f05e-dd35e
.onaudience.com/	1970-01-20 18:02:25	Name: cookie Value: f2652e944c7bbf1b
.onaudience.com/	1970-01-20 09:18:16	Name: done_redirects104 Value: 1
.fiftyt.com/	1970-01-20 18:02:25	Name: fifid Value: e404dc49-50a4-4df5-6911-68ee9e0b9ecb
.fiftyt.com/	1970-01-20 18:02:25	Name: cs Value: MTY3NTAwOTYwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fJ9ZFV1OwR2HutECfwPXWvau-pwaWerBneZmqR9-eb1V
.simpli.fi/	1970-01-20 18:03:52	Name: suid Value: 92E7D4473AF64CE9A26EF419663266F8
.fiftyt.com/	1970-01-20 09:26:54	Name: fppm Value: 20230129162643
.mathtag.com/	1970-01-20 18:42:44	Name: uuid Value: 553763d6-9e43-4a00-befb-7753d337e8c4
.adform.net/	1970-01-20 10:00:01	Name: C Value: 1
.de17a.com/	1970-01-20 17:55:13	Name: guid Value: 1.8733455583751861714
.adform.net/	1970-01-20 10:43:13	Name: uid Value: 2363075568268335670
.pubmatic.com/	1970-01-20 10:00:01	Name: KRTBCOOKIE_336 Value: 5844-8733455583751861714
.pubmatic.com/	1970-01-20 10:00:01	Name: KRTBCOOKIE_80 Value: 22987-CAESEB6SPa9EMcYB8q3iTFiBSIc&KRTB&16514-CAESEB6SPa9EMcYB8q3iTFiBSIc&KRTB&23025-CAESEB6SPa9EMcYB8q3iTFiBSIc&KRTB&23386-CAESEB6SPa9EMcYB8q3iTFiBSIc
.pubmatic.com/	1970-01-20 10:00:01	Name: KRTBCOOKIE_153 Value: 1923-3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4&KRTB&19420-3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4&KRTB&22979-3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4&KRTB&23403-3HL5SdMkqUzHdqxJi3iwT4xxqBrHJflM3yQ03bM4
.pubmatic.com/	1970-01-20 10:00:01	Name: KRTBCOOKIE_27 Value: 16735-uid:553763d6-9e43-4a00-befb-7753d337e8c4&KRTB&16736-uid:553763d6-9e43-4a00-befb-7753d337e8c4&KRTB&23019-uid:553763d6-9e43-4a00-befb-7753d337e8c4&KRTB&23114-uid:553763d6-9e43-4a00-befb-7753d337e8c4
.pubmatic.com/	1970-01-20 10:00:01	Name: PugT Value: 1675009603
.pubmatic.com/	1970-01-20 10:00:01	Name: KRTBCOOKIE_391 Value: 22924-2363075568268335670&KRTB&23263-2363075568268335670
.amazon-adsystem.com/	1970-01-20 15:09:37	Name: ad-id Value: A4jnrGcydUx4l7GRpU4DoNI
.amazon-adsystem.com/	1970-01-20 18:52:49	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-20 18:02:25	Name: CMID Value: Y9aeRGf89YHZLS-NFiBmgwAA
.casalemedia.com/	1970-01-20 11:26:25	Name: CMPS Value: 1220
.casalemedia.com/	1970-01-20 11:26:25	Name: CMPRO Value: 1220
.yahoo.com/	1970-01-20 18:02:47	Name: A3 Value: d=AQABBESe1mMCEDzS_5rStqm8wXu_sBVUNxMFEgEBAQHv12PgYwAAAAAA_eMAAA&S=AQAAAmFBeJJrdExvq2cSQuk9OpQ
.analytics.yahoo.com/	1970-01-20 18:02:25	Name: IDSYNC Value: 199b~29p4
.openx.net/	1970-01-20 18:02:25	Name: i Value: f19a5aa9-33db-42de-92d1-e7565b9e7bfd\|1675009604
.smartadserver.com/	1970-01-20 18:47:03	Name: pid Value: 3984613629620542077
.bidswitch.net/	1970-01-20 18:02:25	Name: tuuid Value: 090660a1-bd78-43b7-80e3-d61132f4d8a8
.bidswitch.net/	1970-01-20 18:02:25	Name: c Value: 1675009605
.bidswitch.net/	1970-01-20 18:02:25	Name: tuuid_lu Value: 1675009605
.the-ozone-project.com/	1970-01-20 11:26:25	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMjM2MzA3NTU2ODI2ODMzNTY3MCIsImV4cGlyZXMiOiIyMDIzLTAyLTEyVDE2OjI2OjQzLjk3ODM0ODQ3N1oiLCJzb3VyY2UiOiJjb29raWUifSwiYXZvY2V0Ijp7InVpZCI6ImUyMTk4NTU5LTA3NTUtNDQ4ZS1iZTc1LTc1ZmEzYjFiMjFkNyIsImV4cGlyZXMiOiIyMDIzLTAyLTEyVDE2OjI2OjQyLjgxNjA2MzAxWiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJncmlkIjp7InVpZCI6IjA5MDY2MGExLWJkNzgtNDNiNy04MGUzLWQ2MTEzMmY0ZDhhOCIsImV4cGlyZXMiOiIyMDIzLTAyLTEyVDE2OjI2OjQ1LjIxNDkzMzgwMloiLCJzb3VyY2UiOiJjb29raWUifSwiaXgiOnsidWlkIjoiWTlhZVJHZjg5WUhaTFMtTkZpQm1nd0FBXHUwMDI2MTIyMCIsImV4cGlyZXMiOiIyMDIzLTAyLTEyVDE2OjI2OjQ0LjE2ODUyODMxM1oiLCJzb3VyY2UiOiJjb29raWUifSwib3BlbngiOnsidWlkIjoiMWJlOGVhM2YtMjNjMy00ZWMwLWEzOGItZWZhYmJlZTI4YThkIiwiZXhwaXJlcyI6IjIwMjMtMDItMTJUMTY6MjY6NDQuNjc1NTQzODY0WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJzbWFydCI6eyJ1aWQiOiIzOTg0NjEzNjI5NjIwNTQyMDc3IiwiZXhwaXJlcyI6IjIwMjMtMDItMTJUMTY6MjY6NDQuODg1NTA2N1oiLCJzb3VyY2UiOiJjb29raWUifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIzMjI2MzI3OTg4ODA0MDc2OTgzNzA1IiwiZXhwaXJlcyI6IjIwMjMtMDItMTJUMTY6MjY6NDIuODg4MDUzMDM1WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJ5YWhvbyI6eyJ1aWQiOiJ5LXdHV1B5dlZFMnVGdVguQU5sbVFOckFoc2k2bGVOVC41WVk5NDgyay1-QSIsImV4cGlyZXMiOiIyMDIzLTAyLTEyVDE2OjI2OjQ0LjQ4Njg5MDg5MVoiLCJzb3VyY2UiOiJjb29raWUifX0sImJkYXkiOiIyMDIzLTAxLTI5VDE2OjI2OjQyLjgxNjA2MDA5N1oifQ==

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9934585543739238, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9934585543739238, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9934585543739238(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-1109323de58fbf93c34cede3640c090f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9934585543739238(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-1109323de58fbf93c34cede3640c090f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9934585543739238(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 184) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 184) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-1109323de58fbf93c34cede3640c090f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-1109323de58fbf93c34cede3640c090f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f2652e944c7bbf1b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=174698883538? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=174698883538?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://dmx.districtm.io/s/v1/img/s/101995 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
6565346e768da3ccab6a9010f3702569.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.btloader.com
api.permutive.com
api.thestar.com
aud.pubmatic.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
btloader.com
c.amazon-adsystem.com
c1.adform.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.petametrics.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
crb.kargo.com
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
eb2.3lift.com
elb.the-ozone-project.com
engagefront.theweathernetwork.com
events.kumulos.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
images.thestar.com
img.sportradar.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
misc.thestar.com
n511.thestar.com
news.google.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.thestar.com
play.google.com
prebid.the-ozone-project.com
push.kumulos.com
px.ads.linkedin.com
px4.ads.linkedin.com
query.petametrics.com
region1.analytics.google.com
resources.thestar.com
rtb.openx.net
s.pinimg.com
s.thestar.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.app.delivery
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
t.co
thestar.com
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
uswidgets.fn.sportradar.com
visitor.fiftyt.com
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
dmx.districtm.io
104.111.216.191
104.18.33.19
104.244.42.67
104.244.42.69
13.107.42.14
13.224.189.108
13.224.189.26
13.224.189.87
13.224.191.98
13.224.194.170
13.224.194.76
13.224.195.78
13.225.78.118
13.225.78.21
13.225.84.171
13.32.27.75
13.37.25.97
130.211.23.194
141.94.171.214
142.250.180.198
142.250.186.166
142.250.186.66
142.251.208.98
143.204.215.108
151.101.129.140
151.139.128.10
178.250.0.163
18.195.181.132
18.203.152.154
185.29.134.244
185.64.189.110
185.64.189.229
185.64.190.78
185.64.190.80
185.86.139.103
193.123.32.111
198.47.127.20
199.232.16.157
2001:4860:4802:32::36
213.155.156.167
23.35.236.201
23.35.237.151
2600:1f18:1430:9001:19d6:7df1:3355:8814
2600:9000:206f:6000:2:53b2:240:93a1
2600:9000:20eb:8000:16:970:b940:93a1
2606:4700:20::681a:246
2606:4700:20::681a:990
2606:4700:20::ac43:4686
2606:4700::6810:7baf
2606:4700::6812:1af
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
2a00:1450:400d:802::2002
2a00:1450:400d:805::2001
2a00:1450:400d:806::2002
2a00:1450:400d:806::2008
2a00:1450:400d:806::200e
2a00:1450:400d:80d::200e
2a00:1450:4025:401::9b
2a02:26f0:3500:14::1724:a24b
2a02:26f0:3500:16::215:14a0
2a02:26f0:dc:39f::1931
2a02:26f0:dc::6853:411
2a02:26f0:dc::6853:41b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a03:b0c0:3:d0::be2:3001
2a03:b0c0:3:f0::1bc:5000
2a04:4e42:200::396
3.126.56.137
3.33.220.150
3.64.129.233
34.107.254.252
34.120.23.223
34.248.202.189
34.251.149.144
34.96.102.137
35.156.218.117
35.190.14.224
35.201.96.126
35.204.158.49
35.227.252.103
35.241.9.51
37.157.3.30
37.157.4.23
37.252.171.53
51.104.28.77
52.17.99.225
52.213.249.147
52.72.172.171
54.155.166.244
54.170.158.38
54.220.90.47
54.229.240.67
65.9.61.60
67.220.228.200
69.173.144.165
72.251.249.13
76.223.111.18
99.86.4.121
0161411eb07c7eed568cee35d72579fbcd42238678effbd461afaa6d1cdbb958
023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df
02463aab76e19152f1c10c3b126fe850915315e44e6fc6b69630974324964c1a
0372efae2ee2ae85f8929bb5e36cd4e7d2eef97cd131e7529e0e3f34aac5eced
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188
046395b32b0cb5a3d41914415d0c1e0ff914800e6d5a1ece93fadef930fc37fe
057f4ad4b2fe160a4ed45d9ced9b8110b38ab2c646dc804cdb0018020f31b453
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079e1954d6a209a39d6f85006b4059af195a1b183d84ce680d334b3f2eed7f29
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
09a36f051aa6f025ec810e84879c542995efba9e5bf8d362acb1fcfa730a866d
09d08cfc66048797443f43efe2a724de318d806af31216cb38b820fc996aaba9
0bf0e06297d2d27ddb9c387dda085217093e26a9bbb04683765ff628ba3c993b
0d1fe900bf1cf1cc03ba46bfcb95c0066e6ceebe2e9a5d364bc9c9b7b396518d
0ff2ba9b6d955f08c52856fb97bc771d3f12ce829c1fa6287aeaf82c3ede794c
11b758236cc927c9b238317bd42953a68b97b2f9edfb80cde71bbc4ce3023a4c
1200dac1322c6c3eb6a80d630092bc3d275068d87aec3b9de8fcd488479e663d
13673140e8b594d1fd056e71176f4cc7c1959bd7a0d3ab3edcb63b4e3125072c
1391055c5b722a3da6707ead294507ace2df3db7891cccb53a94441f794fd33c
14736ea197ebca8a0d176ead1e22d2b1cb277d5c37a0c2780cff25f24bd56800
14e9cbed88bde5b82da5cf812e9b40487e6ccae5c78ac6d0d0dd748a111ca23e
1573d84e662ad2010eec3595222fdd0e6e139f67e8dda89c23305d1a3c0232dc
17074289b1e4513402b9dbbf776f4bfc7a5c366b4cdc1c3e65d0642027210814
173ad626273623a1abcbd89e25b28745b695e59be394fba1ffe03d4b565e71d3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1936d94a7cc2ffa181c260469cd7fd27c8b96fc9c255ef3e954b1ac445b7a26a
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
203a2939ad33b6789f13f317076f02fa3dd610d7a02e1fc5a9a57a0eb7ab40a6
21d78299d331d351b8c1dd6ebabc68a74e9ae750fffd3f4a02c900c8474c0c3c
221ddd4c247e9d304cce1c2974d81b519c67b143eee339aeb1709b8f39b3809a
227e2743eb9511e6d3435c1ea7409b4bbb8931f08666939deb8c8a59bf45d441
2369e6bc5f7f968d67ee006cc9e3f82d89bb723aa2a296f2a1683a1dad22485c
23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64
24758dee06483ee86fb9d0a393ba368faa19154bdd8659c9de20794afa488f8a
24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
2ac10b4585cefa7d8cc5d10683fc08931b81666554f3d289387a9fa5cb5e8590
2af4afbd842993985249d8ecb39222366e835c47e59237c72e3b570448736266
2b226e5d93065073bd670913a90719666f054e802a7449f347f9368c40a13d3d
2c44bfbe8938374a92db5a3909f21956c4e244ded3e744b57e763db1b8442d17
2c891caa6f8c7242c492656ddbcaaea18c98923febb98cd2446da01af723743f
2d4d3ba86e7a2b0345f22f04349bfc732ae32178f56458900186154777194139
2d4ff6931c1d8f9c5b7770634ea09d1dd0ec63e088cec8e7ba94d2d1aab2e928
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2dbf2f018be859838890bcc1fc0696c7ec7962b10169bdaf5ef9d91ea408f99d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3db724b393f39920a94a2ab7767929530374d8b52c18830bba21fbd9c91483
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff7ecd210868ebc3f4dff40435839bad1872588249677c36dcd29679d85278a
306a5803d8d3c092d2c56e3e4351171230585330e43ce1862b80f0901e58db3b
306fcd66df6ecf9ae9b422f505b38f070f09f543d40d53a9eb7af806cbdf274a
3107c21aecda61b2789afe2d26b300613439dcd2010602a8a8f52d9f2848cb58
315b703836da97c6a588734471bd908afc143a0b6b812ef09784099f5826399c
3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31c9f59a7ed0384b28faa9a3459d3eb4bfa0bbe871c3c9f0576126bdb9e2f218
32379ce7bc2a772556ae9a275cf220d1a95550392e189bd9c5b17c507c77efd4
35da5c6b61db6ad2f028dc52eddbe524529ee5f74cf6b1eda074131d2b64bb61
35f9096798f083ffa7cab51198e409ca720d9c53aea349db54b89ec71377734f
3677737a35152b4917761238247b460edae31384b922fb3094840183b92418fb
37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691
37a313683fa02df7de28034c4e09131643fa1b6ffa34eb55512e91a9d20c6ca1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3821a4020f167a0d6ee06f0a7c1f70cf5fc5341687ec2cc2284398a173af0c56
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3bb5f462f8702c0edddd60ae42e61816986dfb8adb63d9a7d43c19ca0f4c9454
3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e
3cf79b9aa07bca3a96720a477c5ec0d5e579f61ce4ee7dd6b6e853145de4b964
3db03dc1b5de3a02e43013198d79554b1c8cfd7cad6dafcba2378ff91192ee65
3db3fdae0e2be13c8acc57ed679246d27616e65d48bc7f2b050b21076a13c452
3dbf0e18e98991bd39435c652835613a2977a84e403ace49da1c504aef620fb4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9
3feb83182ffe2bb417792664f490d013302bb17033f5f5eee6ff204cbb2bef0f
4006c1a7999f4a60af38d3864ac4da2ff83c5a246b70486f442a310656ef5022
40c2f1a142209434f6fcd4c5563803c8cda86229d571e5406911cf57fdf11f97
439bd14456df06b460ddf23588fd676fedc58e1e72d5666729aa476a7e078c45
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44e0aa797a6220d507ba3b4ab5f8143b52b287b8b69160874773509624b383cf
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46beb43876b754e51152b513ce523be4b9696b46eab7646d9be7533c66306381
46d370366e7f27b2d4844860d2cd9ea79d0abf0c237a89055fbad84c9deeeaf6
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
495b7c7c3765a39759131debdf44c8d98832b57b33b826c9c683087ce9f91313
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4b37891677b34e2ca262a83c112c76598b9b880adcb2ba71bba9e9f388ed42df
4b4755891f4348259eb539dc24de8619237f19734d0e34f8ffe73ae3d4a8e93c
4c7ee67a4a7168b8dea0055b9fa4b364a6967b7c694b733519e3b4756d272a46
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e201b3ab3cb12811e6a4d7a91addd881ef2f01785d89eaffc2eb2372f4b2c59
4f5252aabc5f59d8aa24a90587d16ea2d8f64d0b23e9f95d81fdf62c39f2066f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5256e20d2385d02616639e72c3bc01f6b1ffbe75c2838d82cd25b93d0a35e1a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
5832cdc61db8a2e74f57f9415aa14433f3952716f4603718502387c8a17d759a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a8e24ac12207af6be646aeb3a531266cbcba365b429dc987517c5f99ea89efb
5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4
5f4da29e769189c0fc84a4d3e2315152e2268d0ef3a877240832069735ca7de5
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
5f9e8a27cec7e4c23b4019a9e6e2bebcfb51da4accac10a103487663e873c86c
606d129a21d1b4af0726a4307cbb090be4527681f321b8c8b9bae44000c71b49
609bf78678197937d024c8c1cda3d194f611f9b8a86f4950b88574436218eec4
619c8a1bc32e98b1b83b396ac6229cb9569c422c061fdd52af03120011f6d2b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cc7f269591699413dd4c33cadc4463963526ab2da3495a631252aef832218a
61daf19df594f08549fbe6c7a27b72406424adc125d543589032185c6c42e8bb
61dc9bd40926384fb09673095057563c5f79041f65114ec281b25a0c41f4d5f0
622fa336b2a47e69815de4dad662a02f77c4b830189f187a8041d6618a6df9e4
62349b28ba3565da618f1e34b9e72190c45bacd9b5727ae7f346e824f07f31ef
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0
6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9
68e3c72d58536b7500cfeaddf14e7e6088a54e610d0ae8779d8dc3b760094248
691ef9c5635ca38ea8916dc5d18769cd708569937ef7048654efaa6cab7d75e3
6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0c3bb0a14aa577cdc61cf073ac09b2b19db7e46601c89a6b52583a2d11129a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c240e013d484ff06a3e583e643801a6f1fecee551e6ad2f1401e1e8290d241f
6c32e548d4eaa86c160fe3c340f200e7d978704133a7f2cd8f06b35d7147b91f
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6cead41d8473beb15cb3e87b8a2fc4e0e9a5def66acb40afcf9777091bc07440
6dd3a02363544c6650eff6a4685496c0faf4f9a7ea00f09f8438bb66f3ca3066
6ebf382cc3804cc14c8d3e19a7bb50245b0225e857c17dbe0d8f88968a9d881c
6f12ca023ebb1ac1aae921f6ae3303c4a76e90c71e08c6095c63bb7f6fa7c2d5
6f8f56a9c5d675cf42cfe6fb885c1c16058c3281059b1335cee14baa4ab491df
6ff082a67063de28eacf331c50eb7659917b5c7979c2d80263d6a2ee3cf3b7e3
70c2b0b6263c4f0821b7e205720f9a227700149cfab9575086638e0e2f1443f0
722b646e8d5b77c1bc2d7de4564e4b06b0203d58d3a477a1ffe250d74093902b
7245a2a316c20737b16ca50cf682297cd0e89c532afe3918fe0e821d0e4ecbdd
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7586d84068cca8c3df5780990787f036c72ea07dcfe6c50b133938122c8b6c42
75e68151ba37820b4465bb9dac3512608115f5043f3680af60cf2d5b1a083567
763940c42b97c63ccb5c0537247c663ef7636c877409e10b01dfcc719a4b33b3
76ce36e0baa7eebd6238bb9e947d276db680757e40b45efe9aa85e495f4c42b4
77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980
779752718ebaf8ecc4695614b62fc15664cdfadb259edce25207230112042ae8
77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
79c0ed2a338a1b5106de5213aca682f7c3c9018780f2895726180078b637b454
7adfe627f5524ccdd01dd1124cd6f81732ff0d91d4ddec909add903f4e958006
7b05ee7daaed99de5a81ba0c9ed1e49e36d42600e1385a886518a35a479709a6
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7baf4ac1cb2adf82ed9e88c9fa1b22f8ea22e14cf2aa24e9936c6578515e70ae
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c63888d02b9bade3b9f57dfa3f0d159fcab60c8ca12817bda4b707c937aae35
7d871d325802d1aff968875e674dca0c9282c4236f0afef9d063c7394def2693
7df9b5cdf2df92d6a082ee864cfd1c4371a770b43648f0cbc54276a523faed3e
7ebdfccca9486a018ad64df5e0bf1162b1d2b7fcd6c4387bd75869412808e47e
7fb7b844173d86b8a4cc54bb68f9e676d426f59b9b011649b492856bdcb4dc0d
8104abbac1f44dea1051add7ff964a71865befbb4a4c676c6616a80a83d26a33
81117b9c6ffb1914cf2f1607952220a48a70916b18d27241100515c821400243
81213e09ec09abe060a47d101767ef8f2d2cce6f1212b237541cba0445bf730c
8192de82e6ca67f29df000e5e05c84f9ac8a1844c1bf4dcee59d22eca90bd4b0
82d8b2f27fbb20378827a1c7dc7b09910e5d4e4bdd50ece74a587bbb60e7fdd6
82f59a30f5185074ab367843e8f649d0e2f4f6bbff6db8c9a852931d220f0699
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ac97c6c55164825efc0def0d9fe8a2c2a9bb29886c52deab9264efe763f294
862e8a502a8a2ef54089f5e4f0eaf5db81ffa2863c678b15844f80749f42df01
86346fe615589c6005a71a42f4ad6b6b0366f3fd7c43ed5242849ad8cf06ae75
86ea610da0ec4a37ea526f214047d44ce29fa62554095afac064dc2ac114b616
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a824a89d871c7b05b636417d32c7e1663111fcc51ac9a83ec7a6771617a428f
8bba9449f664ef587b3f14043552b6e79a2a86547ffd0bf0047499b712f819b5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de483808b3b048479835f0d1a5043b3ca2480bc56758c5651e011b1bc2cd7a9
8df00eec032790021597a4e83a08c313dfa9f323b33cdbf459905386a3aad9a0
902602dfb3625930d3e656c4c196e17046a1f4f87a16cda6a477fda02565e109
90682e2f91238907278d1e36d649ccce58bf45cf12c16f157308a2009547f8cb
912ad04f7510b9a5e632a9e4dfb798d3182313dc30df3f33367b4f97ee598a51
91b23ce3bbd5e78d19b995ca4a9904245997bc08551e9010aef7a920c3f61564
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
93ae84e9bf02467f0e7375d082069d146d3d125ed62a02b37097341355c33647
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
962e0598efaceb0ca367d3fcf587550d9edd875aa9652d3967481d646e128d97
96bce0dc390de0439f3bb050107878d05765f4ad3632340aa63e610955462ce3
9714e3837862d23f252a77c73ccb99242781d098be29e23888a6e355da80925d
97d52298470bad459b73c596a64012e99c919440ca7a06c4bb497d049f7bd9a2
988695c66c29313e972cc6be1770cd7283b05d09e93e5d2feab94ddaac7652c9
99431bbe9c76016ad16ba292c1c2d2d1c382ceff0050bdedbee2cdde7ab6adfa
9a19e53b3a53c4396e4e373f41cc55fe475e79689d2cc6eb46969ab6dee75644
9cd87dc511a1f132a0690fce2149a427e8075eaee076ca59a6efff3a9dd94329
9da67687384b598767b4260136a6f044347c6ca5d9cdfe40635c884dc0b80fc2
9dd353d3cb4c4bc3fcc11e7f27efc692854c9393d6221271b3aef3385ad6293c
9de0449a47376f5ebc870b7ff16353a96b80aaf573a7870e82ada3a620c217e5
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a2ff0288afa8c8622993865ca857cd48628a3dfba7d5a260ce6be49b4603a1d7
a3d6613aab2e0b0c074c485018837e7f44c0aa97b35178dee91b456d5f3744fe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52376c24089ca091a0bcaeed02d6d76a0437da4920649c73168185167180399
a6ffcefba8ce0e4211c150b53e0979ea7de4417d977923a4a273b04b3886f9bc
a752623bd52b52114ab2993d77b724520e3c11b943311313d257dcf578427bfa
a8bc9b938899ca09245e931f439dfbd97fd91ecf43d6ecba1e04921823b67f4c
a94ceaa2b28c5abd18ba9f63e5f92b91daef54a2beb2c118a2945eaac84cae8f
a9bf62d53accabdf7aca53d3ff5e17c2b3754fabceebfe742fffbdfdd4272b9f
aa64c453ff31a5ec680473313259702899e85066ba55fc24fa037c70ae7b624e
aab2191bf1f8ee672c1e6b7e69e61e522eaad87c21b62b026705890c3f4ab324
aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925
abd3fa5abdb9a45e49c20a74aeb13f140413e303b717e0a29031146842b2b328
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac783dcf7fe3c52c54a6a8b06738cebfe5c051589c7a9690293174a99b427f3b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad483a4e616636b1165205d04324f8e67d47c02c6d9eca0c99d99dd1e2b56f2c
adf278355a1dc96030d992f6a09e91d468533d6fd887cc7b6fa34d2e3f205ca1
ae84dc0bafe3664707af7f3dd101308256462af1e3b84e56812f4f77fb732d37
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b5833fa17d144e67a74cb3d964c722dca8128eb48c84da6594396f03f3fef18a
b855b0af3ff33d653ce5c7da9b3c8fbdfc31f92cfa420e58a215958a0976d92b
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bc61076920b5675833c6e1d6c61bcea07a7ed80fdae228ce87d730f649dbfe7b
bc86b33e550b81ff2b725be8c5db5027d746fa3256ca4ac16620850ff8b199ad
bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
bebcb1e36b7e16f157f65f773ab4ebd0e9fc44d404c74d9b6c87319c460d209f
c0d19353c945d66184d063ccb4c33fa2e2014c35b8a7a8a56416e34531f90e92
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c5ef31d1e0c897aa27f573c82224590a2d0810e5d0cb84c8f19f350e133fe22d
c6057af24479cd79335a4aff93b16b7d56cc774a40163fba931be8b9251eae1d
c880ab8c8fd39b74cf5af4164f8bc5b65cea156e2462893c6d6cc89d92186029
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c982fb8f9251405427409102a2d61a2e2172fef50b18abf183e7d5deebf42ee6
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
cba307d79275c3a5770d12392cb0d5793a553fce22ffbb4dcaf3cc9edb81f576
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
ce80453eac46e8ecc183cd0a9dffa74c3b412e2420119632bb91e698d0cf3436
cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfeb411c3054928730d8f38d48bee2c32f34700eafa49ca50b65ac35c9c2d198
d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174
d0b3ada09bcb7e580dd5617a0a8d033107c243a71cd47ab5636fe1650212ed50
d249ace5e21f137edd113dd97cb31e2b09fc3c02d54725a7220b5fd9a4ff7652
d2ffd6e089be0996c9d705ca792a39289e4d675d8eff210de39839e8dcbd583b
d3bbc29297cfd0318f7fe8a0c553a34dcce7a21ae13a01fbd44f6392887f8bea
d49e8663f37ee455338bf4bb74ebf876d2dd28bd15a20436d4498e2808a70079
d4a5c90a048bebcddcc6b7e41008af3f42bb578a6d75438bce4e05da12b57c94
d5bd8cfa91c0acd4f28da136290630444fedee8fd16808bbe315d2f380744e3c
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d6d627c1400f6246a64cfaff3165e87c18455e790b85df2bf319de0a06af4cd5
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d98942b504ffe9f347ae6da5775f3e4432d1f63f51cecf34a3bef251bb846673
da14a6daf057bccbe9c244b7c20a4c1347114fb87432cf44f7a7724f197e2887
da28bf2e84f3c665cdc032009284db31ef760cc2af92d663d74f698ed03aaf30
da29e81b701bae6b2264e8114781bcc6a3f30df7952ce0eeb389ec10d909e737
db6f3a2dd6582d9c51b5d43a03680b4bdcd96ee61d03325c891078180579f7cb
dbfe0921368b1900c399535b82f79911a027369bb65ccaa619f5a85067a475c4
dc6145e07e7f849bd70673be8a237333b28f2fbc277851c25b9b8e12f7444b7b
dcb66fa0708a35c1788142e9fe216c5540c8f5a26912173c5c46b6296a7f1d01
dcd4ada1fb3e341a1e3d5242cfe4cd427e7ba155f838825cc3b6007ff0bf3f60
dd9e3c94f27a0c8a8a0e4362bd6a9a5437997ce69eb19c2a8485cf0dd7ba6b9a
ddc97c867b19e52a434bf4ae617da266aa3ba6ea7537161957d2820e52fc23b2
de45525cb5a95067bb65d8d292609c0ff4c0fd489cfe611a5df8ff14c9accd6e
df146eff73a4a1f30553e20ee178c345d8c6bf1926cce23e64072b62ba30e742
dfe15d83d6f54bbde676e733f61e8c58abe5487d3ae2f7021bd01a19f7c2d97e
e13dafc848e0598e8f2f95e0fb032539a0f3041fc0cff98ef90edd8326a41e96
e1a9be8e01e4a721b1500d065a9b62803bb83deb3d15ad649a0206b05d272599
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4be7f956a5bee1a33475e18df8ae5fa4783fb7b7533233a608ee627792cb754
e56f67449f25398288a2c25c6bdf734079397d830cfaf4abd9c0dc0640858ef0
e641c65f0ccda870021634b66599d861117c4f93f03ef209736d8d5fa78462ee
e69846be1be704e8c2324dc7ca9e439a496a67d203a9322f1d2ab7ca5031f001
e84241c754ae499317c9b231b08af54bd2aa760a567e3c1d95cf0b2b8f93a0db
e8f2683793c687efe38e55f2effd0e4e0440e3d0f694189a2035e8d16096cf4c
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
ea68f95f8531ea5d05b401c023a1aa9c37f591264f663845f36e13ea77f3b2ac
ec3ae47d1eca2b6aedac10f63a8887567ff9102b8c8bb86add3877a918614cf0
edec8383d926434d91447fb0e2e97792791ef8c27693867f2bc49d3c918d7f5e
ee4f040c51723cfc7551b8b966c9f23475ca5647aaf1b585933118aefcef1829
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad
eeb0699c78d59c010277b0e15346b23ca8253cc9daccfc5be3cd22e7b068ba2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39d4c25f1174bd52141dfefa1ee1c38856305673e10ca4c7af6423ea24df03
eff9d4dfcbd28e0746a788a69d9fd8683605a52c1146e672ba57ad201cfa0978
f03610252c91147e992c1764bb99999010107b8662d93b50c846b9415deb4f9e
f0b6d13319ad700a72fc81f86371142db39e075b09bc912e2b44139b56cdc032
f13c6a28b9978ebb7548c3e8c4aa46a1558d6331c7722bd30989772707a24ed9
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
f3e8e6482cdaaed4f4bffab132ecc638d2eaecbc9d3f86786b31177db070e170
f4294322b01913d480ff8102056f138383e54611fbeb1e8fc56a9dcd4a0001b0
f4cd963cd247f1256060c5335ba6467cc929ab96dc9dedfaa09790655942cec9
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6ff6c95d808e273134334d265c98c94604ba442eae788e397ecb859efb9f88a
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f84d4f321fbbed05df38f3b8907d2212f5e763e91edd7852c5f185f8f8472b2a
fa94fbaa578830445a67c013ef7c5fa47cd7a5e7ae96da6acef038ed86629e10
fb5e1510ab30a2e1cb2f4d21c1e8f6d4036a9ccdcd885c03492f6cdadb4da71e
fb60690105f3079674472358be6ea5f803f4468e120500627e77b9e75abea178
fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc
fe0cd2a0886e1bb2b7096cf665a10a8d60b84c52ced448c293ecc5858028f49a
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
ff48e0d745570b8ce2b130033596ab4059b9efe5c136a5a8d496711b9c121635

www.thestar.com Open in urlscan Pro 13.32.27.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

426 Requests

91 %HTTPS

36 %IPv6

73 Domains

115 Subdomains

94 IPs

10 Countries

6168 kBTransfer

19174 kBSize

111 Cookies

18 Outgoing links

Page URL History

Redirected requests

426 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
13.32.27.75 Public Scan

Screenshot
Live screenshot

Full Image

426
Requests

91 %
HTTPS

36 %
IPv6

73
Domains

115
Subdomains

94
IPs

10
Countries

6168 kB
Transfer

19174 kB
Size

111
Cookies

426 HTTP transactions
1 data transactions